xrpl 2.10.0 → 2.12.0-beta.0

package/src/Wallet/index.ts

@@ -0,0 +1,504 @@
+import BigNumber from 'bignumber.js'
+import { fromSeed } from 'bip32'
+import { mnemonicToSeedSync, validateMnemonic } from 'bip39'
+import omitBy from 'lodash/omitBy'
+import {
+  classicAddressToXAddress,
+  isValidXAddress,
+  xAddressToClassicAddress,
+  encodeSeed,
+} from 'ripple-address-codec'
+import {
+  decode,
+  encodeForSigning,
+  encodeForMultisigning,
+  encode,
+} from 'ripple-binary-codec'
+import {
+  deriveAddress,
+  deriveKeypair,
+  generateSeed,
+  verify,
+  sign,
+} from 'ripple-keypairs'
+
+import ECDSA from '../ECDSA'
+import { ValidationError } from '../errors'
+import { Transaction, validate } from '../models/transactions'
+import { ensureClassicAddress } from '../sugar/utils'
+import { hashSignedTx } from '../utils/hashes/hashLedger'
+
+import { rfc1751MnemonicToKey } from './rfc1751'
+
+const DEFAULT_ALGORITHM: ECDSA = ECDSA.ed25519
+const DEFAULT_DERIVATION_PATH = "m/44'/144'/0'/0/0"
+
+function hexFromBuffer(buffer: Buffer): string {
+  return buffer.toString('hex').toUpperCase()
+}
+
+/**
+ * A utility for deriving a wallet composed of a keypair (publicKey/privateKey).
+ * A wallet can be derived from either a seed, mnemonic, or entropy (array of random numbers).
+ * It provides functionality to sign/verify transactions offline.
+ *
+ * @example
+ * ```typescript
+ *
+ * // Derive a wallet from a base58 encoded seed.
+ * const seedWallet = Wallet.fromSeed('ssZkdwURFMBXenJPbrpE14b6noJSu')
+ * console.log(seedWallet)
+ * // Wallet {
+ * // publicKey: '02FE9932A9C4AA2AC9F0ED0F2B89302DE7C2C95F91D782DA3CF06E64E1C1216449',
+ * // privateKey: '00445D0A16DD05EFAF6D5AF45E6B8A6DE4170D93C0627021A0B8E705786CBCCFF7',
+ * // classicAddress: 'rG88FVLjvYiQaGftSa1cKuE2qNx7aK5ivo',
+ * // seed: 'ssZkdwURFMBXenJPbrpE14b6noJSu'
+ * // }.
+ *
+ * // Sign a JSON Transaction
+ *  const signed = seedWallet.signTransaction({
+ *      TransactionType: 'Payment',
+ *      Account: 'rG88FVLjvYiQaGftSa1cKuE2qNx7aK5ivo'
+ *      ...........
+ * }).
+ *
+ * console.log(signed)
+ * // '1200007321......B01BE1DFF3'.
+ * console.log(decode(signed))
+ * // {
+ * //   TransactionType: 'Payment',
+ * //   SigningPubKey: '02FE9932A9C4AA2AC9F0ED0F2B89302DE7C2C95F91D782DA3CF06E64E1C1216449',
+ * //   TxnSignature: '3045022100AAD......5B631ABD21171B61B07D304',
+ * //   Account: 'rG88FVLjvYiQaGftSa1cKuE2qNx7aK5ivo'
+ * //   ...........
+ * // }
+ * ```
+ *
+ * @category Signing
+ */
+export class Wallet {
+  public readonly publicKey: string
+  public readonly privateKey: string
+  public readonly classicAddress: string
+  public readonly seed?: string
+
+  /**
+   * Creates a new Wallet.
+   *
+   * @param publicKey - The public key for the account.
+   * @param privateKey - The private key used for signing transactions for the account.
+   * @param opts - (Optional) Options to initialize a Wallet.
+   * @param opts.masterAddress - Include if a Wallet uses a Regular Key Pair. It must be the master address of the account.
+   * @param opts.seed - The seed used to derive the account keys.
+   */
+  public constructor(
+    publicKey: string,
+    privateKey: string,
+    opts: {
+      masterAddress?: string
+      seed?: string
+    } = {},
+  ) {
+    this.publicKey = publicKey
+    this.privateKey = privateKey
+    this.classicAddress = opts.masterAddress
+      ? ensureClassicAddress(opts.masterAddress)
+      : deriveAddress(publicKey)
+    this.seed = opts.seed
+  }
+
+  /**
+   * Alias for wallet.classicAddress.
+   *
+   * @returns The wallet's classic address.
+   */
+  public get address(): string {
+    return this.classicAddress
+  }
+
+  /**
+   * `generate()` creates a new random Wallet. In order to make this a valid account on ledger, you must
+   * Send XRP to it. On test networks that can be done with "faucets" which send XRP to any account which asks
+   * For it. You can call `client.fundWallet()` in order to generate credentials and fund the account on test networks.
+   *
+   * @example
+   * ```ts
+   * const { Wallet } = require('xrpl')
+   * const wallet = Wallet.generate()
+   * ```
+   *
+   * @param algorithm - The digital signature algorithm to generate an address for.
+   * @returns A new Wallet derived from a generated seed.
+   *
+   * @throws ValidationError when signing algorithm isn't valid
+   */
+  public static generate(algorithm: ECDSA = DEFAULT_ALGORITHM): Wallet {
+    if (!Object.values(ECDSA).includes(algorithm)) {
+      throw new ValidationError('Invalid cryptographic signing algorithm')
+    }
+    const seed = generateSeed({ algorithm })
+    return Wallet.fromSeed(seed)
+  }
+
+  /**
+   * Derives a wallet from a seed.
+   *
+   * @param seed - A string used to generate a keypair (publicKey/privateKey) to derive a wallet.
+   * @param opts - (Optional) Options to derive a Wallet.
+   * @param opts.algorithm - The digital signature algorithm to generate an address for.
+   * @param opts.masterAddress - Include if a Wallet uses a Regular Key Pair. It must be the master address of the account.
+   * @returns A Wallet derived from a seed.
+   */
+  public static fromSeed(
+    seed: string,
+    opts: { masterAddress?: string; algorithm?: ECDSA } = {},
+  ): Wallet {
+    return Wallet.deriveWallet(seed, {
+      algorithm: opts.algorithm,
+      masterAddress: opts.masterAddress,
+    })
+  }
+
+  /**
+   * Derives a wallet from a secret (AKA a seed).
+   *
+   * @param secret - A string used to generate a keypair (publicKey/privateKey) to derive a wallet.
+   * @param opts - (Optional) Options to derive a Wallet.
+   * @param opts.algorithm - The digital signature algorithm to generate an address for.
+   * @param opts.masterAddress - Include if a Wallet uses a Regular Key Pair. It must be the master address of the account.
+   * @returns A Wallet derived from a secret (AKA a seed).
+   */
+  // eslint-disable-next-line @typescript-eslint/member-ordering -- Member is used as a function here
+  public static fromSecret = Wallet.fromSeed
+
+  /**
+   * Derives a wallet from an entropy (array of random numbers).
+   *
+   * @param entropy - An array of random numbers to generate a seed used to derive a wallet.
+   * @param opts - (Optional) Options to derive a Wallet.
+   * @param opts.algorithm - The digital signature algorithm to generate an address for.
+   * @param opts.masterAddress - Include if a Wallet uses a Regular Key Pair. It must be the master address of the account.
+   * @returns A Wallet derived from an entropy.
+   */
+  public static fromEntropy(
+    entropy: Uint8Array | number[],
+    opts: { masterAddress?: string; algorithm?: ECDSA } = {},
+  ): Wallet {
+    const algorithm = opts.algorithm ?? DEFAULT_ALGORITHM
+    const options = {
+      entropy: Uint8Array.from(entropy),
+      algorithm,
+    }
+    const seed = generateSeed(options)
+    return Wallet.deriveWallet(seed, {
+      algorithm,
+      masterAddress: opts.masterAddress,
+    })
+  }
+
+  /**
+   * Derives a wallet from a bip39 or RFC1751 mnemonic (Defaults to bip39).
+   *
+   * @deprecated since version 2.6.1.
+   * Will be deleted in version 3.0.0.
+   * This representation is currently deprecated in rippled.
+   * You should use another method to represent your keys such as a seed or public/private keypair.
+   *
+   * @param mnemonic - A string consisting of words (whitespace delimited) used to derive a wallet.
+   * @param opts - (Optional) Options to derive a Wallet.
+   * @param opts.masterAddress - Include if a Wallet uses a Regular Key Pair. It must be the master address of the account.
+   * @param opts.derivationPath - The path to derive a keypair (publicKey/privateKey). Only used for bip39 conversions.
+   * @param opts.mnemonicEncoding - If set to 'rfc1751', this interprets the mnemonic as a rippled RFC1751 mnemonic like
+   *                          `wallet_propose` generates in rippled. Otherwise the function defaults to bip39 decoding.
+   * @param opts.algorithm - Only used if opts.mnemonicEncoding is 'rfc1751'. Allows the mnemonic to generate its
+   *                         secp256k1 seed, or its ed25519 seed. By default, it will generate the secp256k1 seed
+   *                         to match the rippled `wallet_propose` default algorithm.
+   * @returns A Wallet derived from a mnemonic.
+   * @throws ValidationError if unable to derive private key from mnemonic input.
+   */
+  public static fromMnemonic(
+    mnemonic: string,
+    opts: {
+      masterAddress?: string
+      derivationPath?: string
+      mnemonicEncoding?: 'bip39' | 'rfc1751'
+      algorithm?: ECDSA
+    } = {},
+  ): Wallet {
+    if (opts.mnemonicEncoding === 'rfc1751') {
+      return Wallet.fromRFC1751Mnemonic(mnemonic, {
+        masterAddress: opts.masterAddress,
+        algorithm: opts.algorithm,
+      })
+    }
+    // Otherwise decode using bip39's mnemonic standard
+    if (!validateMnemonic(mnemonic)) {
+      throw new ValidationError(
+        'Unable to parse the given mnemonic using bip39 encoding',
+      )
+    }
+
+    const seed = mnemonicToSeedSync(mnemonic)
+    const masterNode = fromSeed(seed)
+    const node = masterNode.derivePath(
+      opts.derivationPath ?? DEFAULT_DERIVATION_PATH,
+    )
+    if (node.privateKey === undefined) {
+      throw new ValidationError(
+        'Unable to derive privateKey from mnemonic input',
+      )
+    }
+
+    const publicKey = hexFromBuffer(node.publicKey)
+    const privateKey = hexFromBuffer(node.privateKey)
+    return new Wallet(publicKey, `00${privateKey}`, {
+      masterAddress: opts.masterAddress,
+    })
+  }
+
+  /**
+   * Derives a wallet from a RFC1751 mnemonic, which is how `wallet_propose` encodes mnemonics.
+   *
+   * @param mnemonic - A string consisting of words (whitespace delimited) used to derive a wallet.
+   * @param opts - (Optional) Options to derive a Wallet.
+   * @param opts.masterAddress - Include if a Wallet uses a Regular Key Pair. It must be the master address of the account.
+   * @param opts.algorithm - The digital signature algorithm to generate an address for.
+   * @returns A Wallet derived from a mnemonic.
+   */
+  private static fromRFC1751Mnemonic(
+    mnemonic: string,
+    opts: { masterAddress?: string; algorithm?: ECDSA },
+  ): Wallet {
+    const seed = rfc1751MnemonicToKey(mnemonic)
+    let encodeAlgorithm: 'ed25519' | 'secp256k1'
+    if (opts.algorithm === ECDSA.ed25519) {
+      encodeAlgorithm = 'ed25519'
+    } else {
+      // Defaults to secp256k1 since that's the default for `wallet_propose`
+      encodeAlgorithm = 'secp256k1'
+    }
+    const encodedSeed = encodeSeed(seed, encodeAlgorithm)
+    return Wallet.fromSeed(encodedSeed, {
+      masterAddress: opts.masterAddress,
+      algorithm: opts.algorithm,
+    })
+  }
+
+  /**
+   * Derive a Wallet from a seed.
+   *
+   * @param seed - The seed used to derive the wallet.
+   * @param opts - (Optional) Options to derive a Wallet.
+   * @param opts.algorithm - The digital signature algorithm to generate an address for.
+   * @param opts.masterAddress - Include if a Wallet uses a Regular Key Pair. It must be the master address of the account.
+   * @returns A Wallet derived from the seed.
+   */
+  private static deriveWallet(
+    seed: string,
+    opts: { masterAddress?: string; algorithm?: ECDSA } = {},
+  ): Wallet {
+    const { publicKey, privateKey } = deriveKeypair(seed, {
+      algorithm: opts.algorithm ?? DEFAULT_ALGORITHM,
+    })
+    return new Wallet(publicKey, privateKey, {
+      seed,
+      masterAddress: opts.masterAddress,
+    })
+  }
+
+  /**
+   * Signs a transaction offline.
+   *
+   * @example
+   *
+   * ```ts
+   * const { Client, Wallet } = require('xrpl')
+   * const client = new Client('wss://s.altnet.rippletest.net:51233')
+   *
+   * async function signTransaction() {
+   *   await client.connect()
+   *   const { balance: balance1, wallet: wallet1 } = client.fundWallet()
+   *   const { balance: balance2, wallet: wallet2 } = client.fundWallet()
+   *
+   *   const transaction = {
+   *     TransactionType: 'Payment',
+   *     Account: wallet1.address,
+   *     Destination: wallet2.address,
+   *     Amount: '10'
+   *   }
+   *
+   *   try {
+   *     await client.autofill(transaction)
+   *     const { tx_blob: signed_tx_blob, hash} = await wallet1.sign(transaction)
+   *     console.log(signed_tx_blob)
+   *   } catch (error) {
+   *     console.error(`Failed to sign transaction: ${error}`)
+   *   }
+   *   const result = await client.submit(signed_tx_blob)
+   *   await client.disconnect()
+   * }
+   *
+   * signTransaction()
+   * ```
+   * In order for a transaction to be validated, it must be signed by the account sending the transaction to prove
+   * That the owner is actually the one deciding to take that action.
+   *
+   * In this example, we created, signed, and then submitted a transaction to testnet. You may notice that the
+   * Output of `sign` includes a `tx_blob` and a `hash`, both of which are needed to submit & verify the results.
+   * Note: If you pass a `Wallet` to `client.submit` or `client.submitAndWait` it will do signing like this under the hood.
+   *
+   * `tx_blob` is a binary representation of a transaction on the XRP Ledger. It's essentially a byte array
+   * that encodes all of the data necessary to execute the transaction, including the source address, the destination
+   * address, the amount, and any additional fields required for the specific transaction type.
+   *
+   * `hash` is a unique identifier that's generated from the signed transaction data on the XRP Ledger. It's essentially
+   * A cryptographic digest of the signed transaction blob, created using a hash function. The signed transaction hash is
+   * Useful for identifying and tracking specific transactions on the XRP Ledger. It can be used to query transaction
+   * Information, verify the authenticity of a transaction, and detect any tampering with the transaction data.
+   *
+   * @param this - Wallet instance.
+   * @param transaction - A transaction to be signed offline.
+   * @param multisign - Specify true/false to use multisign or actual address (classic/x-address) to make multisign tx request.
+   * @returns A signed transaction.
+   * @throws ValidationError if the transaction is already signed or does not encode/decode to same result.
+   * @throws XrplError if the issued currency being signed is XRP ignoring case.
+   */
+  // eslint-disable-next-line max-lines-per-function -- introduced more checks to support both string and boolean inputs.
+  public sign(
+    this: Wallet,
+    transaction: Transaction,
+    multisign?: boolean | string,
+  ): {
+    tx_blob: string
+    hash: string
+  } {
+    let multisignAddress: boolean | string = false
+    if (typeof multisign === 'string' && multisign.startsWith('X')) {
+      multisignAddress = multisign
+    } else if (multisign) {
+      multisignAddress = this.classicAddress
+    }
+
+    // clean null & undefined valued tx properties
+    // eslint-disable-next-line @typescript-eslint/consistent-type-assertions -- ensure Transaction flows through
+    const tx = omitBy(
+      { ...transaction },
+      (value) => value == null,
+    ) as unknown as Transaction
+
+    if (tx.TxnSignature || tx.Signers) {
+      throw new ValidationError(
+        'txJSON must not contain "TxnSignature" or "Signers" properties',
+      )
+    }
+
+    removeTrailingZeros(tx)
+
+    /*
+     * This will throw a more clear error for JS users if the supplied transaction has incorrect formatting
+     */
+    // eslint-disable-next-line @typescript-eslint/consistent-type-assertions -- validate does not accept Transaction type
+    validate(tx as unknown as Record<string, unknown>)
+
+    const txToSignAndEncode = { ...tx }
+
+    txToSignAndEncode.SigningPubKey = multisignAddress ? '' : this.publicKey
+
+    if (multisignAddress) {
+      const signer = {
+        Account: multisignAddress,
+        SigningPubKey: this.publicKey,
+        TxnSignature: computeSignature(
+          txToSignAndEncode,
+          this.privateKey,
+          multisignAddress,
+        ),
+      }
+      txToSignAndEncode.Signers = [{ Signer: signer }]
+    } else {
+      txToSignAndEncode.TxnSignature = computeSignature(
+        txToSignAndEncode,
+        this.privateKey,
+      )
+    }
+
+    const serialized = encode(txToSignAndEncode)
+    return {
+      tx_blob: serialized,
+      hash: hashSignedTx(serialized),
+    }
+  }
+
+  /**
+   * Verifies a signed transaction offline.
+   *
+   * @param signedTransaction - A signed transaction (hex string of signTransaction result) to be verified offline.
+   * @returns Returns true if a signedTransaction is valid.
+   */
+  public verifyTransaction(signedTransaction: Transaction | string): boolean {
+    const tx =
+      typeof signedTransaction === 'string'
+        ? decode(signedTransaction)
+        : signedTransaction
+    const messageHex: string = encodeForSigning(tx)
+    const signature = tx.TxnSignature
+    return verify(messageHex, signature, this.publicKey)
+  }
+
+  /**
+   * Gets an X-address in Testnet/Mainnet format.
+   *
+   * @param tag - A tag to be included within the X-address.
+   * @param isTestnet - A boolean to indicate if X-address should be in Testnet (true) or Mainnet (false) format.
+   * @returns An X-address.
+   */
+  public getXAddress(tag: number | false = false, isTestnet = false): string {
+    return classicAddressToXAddress(this.classicAddress, tag, isTestnet)
+  }
+}
+
+/**
+ * Signs a transaction with the proper signing encoding.
+ *
+ * @param tx - A transaction to sign.
+ * @param privateKey - A key to sign the transaction with.
+ * @param signAs - Multisign only. An account address to include in the Signer field.
+ * Can be either a classic address or an XAddress.
+ * @returns A signed transaction in the proper format.
+ */
+function computeSignature(
+  tx: Transaction,
+  privateKey: string,
+  signAs?: string,
+): string {
+  if (signAs) {
+    const classicAddress = isValidXAddress(signAs)
+      ? xAddressToClassicAddress(signAs).classicAddress
+      : signAs
+
+    return sign(encodeForMultisigning(tx, classicAddress), privateKey)
+  }
+  return sign(encodeForSigning(tx), privateKey)
+}
+
+/**
+ * Remove trailing insignificant zeros for non-XRP Payment amount.
+ * This resolves the serialization mismatch bug when encoding/decoding a non-XRP Payment transaction
+ * with an amount that contains trailing insignificant zeros; for example, '123.4000' would serialize
+ * to '123.4' and cause a mismatch.
+ *
+ * @param tx - The transaction prior to signing.
+ */
+function removeTrailingZeros(tx: Transaction): void {
+  if (
+    tx.TransactionType === 'Payment' &&
+    typeof tx.Amount !== 'string' &&
+    tx.Amount.value.includes('.') &&
+    tx.Amount.value.endsWith('0')
+  ) {
+    // eslint-disable-next-line no-param-reassign -- Required to update Transaction.Amount.value
+    tx.Amount = { ...tx.Amount }
+    // eslint-disable-next-line no-param-reassign -- Required to update Transaction.Amount.value
+    tx.Amount.value = new BigNumber(tx.Amount.value).toString()
+  }
+}

package/src/Wallet/rfc1751.ts

@@ -0,0 +1,190 @@
+/* eslint-disable @typescript-eslint/no-magic-numbers -- Doing many bitwise operations which need specific numbers */
+/* eslint-disable no-bitwise -- Bitwise operators are required for this encoding/decoding */
+/* eslint-disable id-length -- Bitwise math uses shorthand terms */
+/*
+ *rfc1751.ts : Converts between 128-bit strings and a human-readable
+ *sequence of words, as defined in RFC1751: "A Convention for
+ *Human-Readable 128-bit Keys", by Daniel L. McDonald.
+ *Ported from rfc1751.py / Python Cryptography Toolkit (public domain).
+ *Copied from https://github.com/bip32/bip32.github.io/blob/master/js/rfc1751.js which
+ *is part of the public domain.
+ */
+
+import rfc1751Words from './rfc1751Words.json'
+
+const rfc1751WordList: string[] = rfc1751Words
+
+// Added prettier-ignore to allow _BINARY to be on two lines, instead of one entry per line.
+
+// prettier-ignore
+const BINARY = ['0000', '0001', '0010', '0011', '0100', '0101', '0110', '0111',
+                '1000', '1001', '1010', '1011', '1100', '1101', '1110', '1111'];
+
+/**
+ * Convert a number array into a binary string.
+ *
+ * @param key - An array of numbers in base 10.
+ * @returns A binary string.
+ */
+function keyToBinary(key: number[]): string {
+  let res = ''
+  for (const num of key) {
+    res += BINARY[num >> 4] + BINARY[num & 0x0f]
+  }
+  return res
+}
+
+/**
+ * Converts a substring of an encoded secret to its numeric value.
+ *
+ * @param key - The encoded secret.
+ * @param start - The start index to parse from.
+ * @param length - The number of digits to parse after the start index.
+ * @returns The binary value of the substring.
+ */
+function extract(key: string, start: number, length: number): number {
+  const subKey = key.substring(start, start + length)
+  let acc = 0
+  for (let index = 0; index < subKey.length; index++) {
+    acc = acc * 2 + subKey.charCodeAt(index) - 48
+  }
+  return acc
+}
+
+/**
+ * Generates a modified RFC1751 mnemonic in the same way rippled's wallet_propose does.
+ *
+ * @param hex_key - An encoded secret in hex format.
+ * @returns A mnemonic following rippled's modified RFC1751 mnemonic standard.
+ */
+function keyToRFC1751Mnemonic(hex_key: string): string {
+  // Remove whitespace and interpret hex
+  const buf = Buffer.from(hex_key.replace(/\s+/gu, ''), 'hex')
+  // Swap byte order and use rfc1751
+  let key: number[] = bufferToArray(swap128(buf))
+
+  // pad to 8 bytes
+  const padding: number[] = []
+  for (let index = 0; index < (8 - (key.length % 8)) % 8; index++) {
+    padding.push(0)
+  }
+  key = padding.concat(key)
+
+  const english: string[] = []
+  for (let index = 0; index < key.length; index += 8) {
+    const subKey = key.slice(index, index + 8)
+
+    // add parity
+    let skbin = keyToBinary(subKey)
+    let parity = 0
+    for (let j = 0; j < 64; j += 2) {
+      parity += extract(skbin, j, 2)
+    }
+    subKey.push((parity << 6) & 0xff)
+
+    skbin = keyToBinary(subKey)
+    for (let j = 0; j < 64; j += 11) {
+      english.push(rfc1751WordList[extract(skbin, j, 11)])
+    }
+  }
+  return english.join(' ')
+}
+
+/**
+ * Converts an english mnemonic following rippled's modified RFC1751 standard to an encoded hex secret.
+ *
+ * @param english - A mnemonic generated using ripple's modified RFC1751 standard.
+ * @throws Error if the parity after decoding does not match.
+ * @returns A Buffer containing an encoded secret.
+ */
+function rfc1751MnemonicToKey(english: string): Buffer {
+  const words = english.split(' ')
+  let key: number[] = []
+
+  for (let index = 0; index < words.length; index += 6) {
+    const { subKey, word }: { subKey: number[]; word: string } = getSubKey(
+      words,
+      index,
+    )
+
+    // check parity
+    const skbin = keyToBinary(subKey)
+    let parity = 0
+    for (let j = 0; j < 64; j += 2) {
+      parity += extract(skbin, j, 2)
+    }
+    const cs0 = extract(skbin, 64, 2)
+    const cs1 = parity & 3
+    if (cs0 !== cs1) {
+      throw new Error(`Parity error at ${word}`)
+    }
+
+    key = key.concat(subKey.slice(0, 8))
+  }
+
+  // This is a step specific to the XRPL's implementation
+  const bufferKey = swap128(Buffer.from(key))
+  return bufferKey
+}
+
+function getSubKey(
+  words: string[],
+  index: number,
+): { subKey: number[]; word: string } {
+  const sublist = words.slice(index, index + 6)
+  let bits = 0
+  const ch = [0, 0, 0, 0, 0, 0, 0, 0, 0]
+  let word = ''
+  for (word of sublist) {
+    const idx = rfc1751WordList.indexOf(word.toUpperCase())
+    if (idx === -1) {
+      throw new TypeError(
+        `Expected an RFC1751 word, but received '${word}'. ` +
+          `For the full list of words in the RFC1751 encoding see https://datatracker.ietf.org/doc/html/rfc1751`,
+      )
+    }
+    const shift = (8 - ((bits + 11) % 8)) % 8
+    const y = idx << shift
+    const cl = y >> 16
+    const cc = (y >> 8) & 0xff
+    const cr = y & 0xff
+    const t = Math.floor(bits / 8)
+    if (shift > 5) {
+      ch[t] |= cl
+      ch[t + 1] |= cc
+      ch[t + 2] |= cr
+    } else if (shift > -3) {
+      ch[t] |= cc
+      ch[t + 1] |= cr
+    } else {
+      ch[t] |= cr
+    }
+    bits += 11
+  }
+  const subKey: number[] = ch.slice()
+  return { subKey, word }
+}
+
+function bufferToArray(buf: Buffer): number[] {
+  /* eslint-disable-next-line @typescript-eslint/consistent-type-assertions -- We know the end type */
+  return Array.prototype.slice.call(buf) as number[]
+}
+
+/**
+ * Swap the byte order of a 128-bit buffer.
+ *
+ * @param buf - A 128-bit (16 byte) buffer
+ * @returns A buffer containing the same data with reversed endianness
+ */
+function swap128(buf: Buffer): Buffer {
+  // Interprets buffer as an array of (two, in this case) 64-bit numbers and swaps byte order in-place.
+  const reversedBytes = buf.swap64()
+
+  // Swap the two 64-bit numbers since our buffer is 128 bits.
+  return Buffer.concat(
+    [reversedBytes.slice(8, 16), reversedBytes.slice(0, 8)],
+    16,
+  )
+}
+
+export { rfc1751MnemonicToKey, keyToRFC1751Mnemonic }