cardano-crypto-1.1.1: Cryptography primitives for cardano
Maintainer nicolas.diprima@iohk.io
Safe Haskell None
Language Haskell2010

Cardano.Crypto.Encoding.Seed

Description

implementation of the proposal specification for Paper Wallet see https://github.com/input-output-hk/cardano-specs/blob/master/proposals/0001-PaperWallet.md

however we allow more genericity in the implementation to allow not only 12 mnemonic words to freeze but also 15, 18 and 21.

because the output mnemonic words are always 3 words longer (for the IV) we cannot use 24 words long mnemonic sentence.

assumption:

  • we use PBKDF2 with 'HMAC 512' to generate the OTP.
  • we use 10000 iteration for the PBKDF2
  • we use the 4 bytes IOHK for the CONSTANT
Synopsis

Documentation

data Entropy (n :: Nat ) Source #

BIP39's entropy is a byte array of a given size (in bits, see ValidEntropySize for the valid size).

To it is associated

data MnemonicSentence (mw :: Nat ) Source #

Mnemonic Sentence is a list of WordIndex .

This is the generic representation of a mnemonic phrase that can be used for transalating to a different dictionary (example: English to Japanese).

This is mainly used to convert from/to the Entropy and for cardanoSlSeed

Instances

Instances details
ValidMnemonicSentence mw => IsList ( MnemonicSentence mw) Source #
Instance details

Defined in Crypto.Encoding.BIP39

Associated Types

type Item ( MnemonicSentence mw) Source #

Eq ( MnemonicSentence mw) Source #
Instance details

Defined in Crypto.Encoding.BIP39

Ord ( MnemonicSentence mw) Source #
Instance details

Defined in Crypto.Encoding.BIP39

Show ( MnemonicSentence mw) Source #
Instance details

Defined in Crypto.Encoding.BIP39

NormalForm ( MnemonicSentence mw) Source #
Instance details

Defined in Crypto.Encoding.BIP39

type Item ( MnemonicSentence mw) Source #
Instance details

Defined in Crypto.Encoding.BIP39

type ConsistentEntropy ent mw csz = ( ValidEntropySize ent, ValidChecksumSize ent csz, ValidMnemonicSentence mw, MnemonicWords ent ~ mw) Source #

Type Constraint Alias to check the entropy size, the number of mnemonic words and the checksum size is consistent. i.e. that the following is true:

| entropysize | checksumsize | entropysize + checksumsize | mnemonicsize | +---------------+--------------+----------------------------+--------------+ | 96 | 3 | 99 | 9 | | 128 | 4 | 132 | 12 | | 160 | 5 | 165 | 15 | | 192 | 6 | 198 | 18 | | 224 | 7 | 231 | 21 | | 256 | 8 | 264 | 24 |

This type constraint alias also perform all the GHC's cumbersome type level literal handling.

scramble :: forall entropysizeI entropysizeO mnemonicsize scramblesize csI csO. ( ConsistentEntropy entropysizeI mnemonicsize csI, ConsistentEntropy entropysizeO scramblesize csO, (mnemonicsize + IVSizeWords ) ~ scramblesize, (entropysizeI + IVSizeBits ) ~ entropysizeO) => ScrambleIV -> Entropy entropysizeI -> Passphrase -> Entropy entropysizeO Source #

scramble the given entropy into an entropy slighly larger.

This entropy can then be converted to a mnemonic sentence:

freeze iv mnemonics passphrase = entropyToWords . scramble iv entropy passphrase
  where
    entropy = case wordsToEntropy mnemonics of
        Nothing -> error "mnemonic to entropy failed"
        Just e  -> e

unscramble :: forall entropysizeI entropysizeO mnemonicsize scramblesize csI csO. ( ConsistentEntropy entropysizeI scramblesize csI, ConsistentEntropy entropysizeO mnemonicsize csO, (mnemonicsize + IVSizeWords ) ~ scramblesize, (entropysizeO + IVSizeBits ) ~ entropysizeI) => Entropy entropysizeI -> Passphrase -> Entropy entropysizeO Source #

The reverse operation of scramble

This function recovers the original entropy from the given scrambled entropy and the associated password.

recover scrambled passphrase = entropyToWords entropysizeO .
    unscramble entropysizeI entropysizeO entropyScrambled passphrase
  where
    entropyScrambled = case wordsToEntropy entropysizeI scrambled of
        Nothing -> error "mnemonic to entropy failed"
        Just e  -> e

scrambleMnemonic :: forall entropysizeI entropysizeO mnemonicsize scramblesize csI csO. ( ConsistentEntropy entropysizeI mnemonicsize csI, ConsistentEntropy entropysizeO scramblesize csO, (mnemonicsize + IVSizeWords ) ~ scramblesize, (entropysizeI + IVSizeBits ) ~ entropysizeO) => Proxy entropysizeI -> ScrambleIV -> MnemonicSentence mnemonicsize -> Passphrase -> MnemonicSentence scramblesize Source #

helper function to scramble mnemonics