Zippie Vault API

Zippie Vault API is the main application interface into Zippie Vault

Zippie Vault API provides a simple interface for interacting with Zippie Vault derived cryptographic keys allowing cryptographic signing and encryption of arbitrary data.

Currently the only cryptographic algorithm implemented is Elliptic Curve secp256k1 suitable for Bitcoin and Ethereum Wallets.

Key Paths

Key paths are to be given in the following format of maximum 16bit integer numbers m/99999/99999/...

Each key is derived from the given path in a hierarchial manner where the parent path is used to generate all children keys eg. m/0/1/2/3; Key 2 is generated by Key 1, which is generated by Key 0 m/0/5; Key 5 is also generated by Key 0

Dependencies

  • Node.js
  • NPM

Install from npm repository

npm install @zippie/vault-api

Building

npm install

Run Tests

Mocha unit tests need to be run through a web browser

npm run test

Example

API Usage examples are available in example.js and can be run with the following command:

npm run example

API

Imports

import Vault from '@zippie/vault-api';
import * as shajs from 'sha.js';

Init Vault

The init call is the entry point to the zippie vault, this call will check for an existing vault service worker and redirect the user to onboarding if required

const vault = new Vault({vault_uri: 'https://vault.dev.zippie.org'})
vault.setup()
.then(_ => vault.signin())
.then(
  result => {
    console.log("Zippie Vault Ready & Signed In");
  })
.catch(
  error => {
    console.error("Init error:", error)
  })

Key Info

Get public key information for a particular vault path. These will be particular to your dapp, and you can have as many as you like eg. 'm/0', 'm/1', 'm/1/1' .etc

vault.secp256k1.keyInfo('m/0')
  .then(result => {
    console.log("keyInfo: " + result.pubkey);
  }
)

Sign

Cryptographically sign a piece of data. The data needs to be summarised in a digest like sha256

vault.secp256k1.sign(
  'm/0',
  shajs('sha256').update("data to sign goes here").digest()
)
.then(signedOutput => {
  console.log("sign: " + signedOutput.signature);
})

Encrypt

Encrypt a piece of data The data needs to be encoded into a hex string before sending

vault.secp256k1.encrypt(publicKey, Buffer.from("message to encrypt").toString('hex'))
  .then(encryptedMessage => {
    console.log("encrypt: " + encryptedMessage.ciphertext);
  }
)

Decrypt

Reverse the encryption process to get back your message

vault.secp256k1.decrypt('m/0', encryptedMessage)
  .then(message => {
    console.log("decrypt: " + Buffer.from(message, 'hex').toString());
  }
)

License

BSD-3-Clause