This crate implements BIP32 for Ed25519 according to the paper BIP32-Ed25519 Hierarchical Deterministic Keys over a Non-linear Keyspace:
This crate contains some code copied from https://github.com/typed-io/rust-ed25519-bip32, especially:
- The
add_28_mul8()
andadd_256bits()
functions. - Some parts of the public and private key derivation functions.
This crate deviates from the above project in the following ways:
- Using RustCrypto libraries for SHA512, HMAC, and Curve25519 operations instead of cryptoxide. Rationale: the primary user of this library, the BitBox02 firmware, already includes RustCrypto dependencies, so reusing these does not grow the firmware binary size unnecessarily.
no_std
- no dependency onstd
. There is a dependency onalloc
, so an allocator is required.- Use of zeroize.
- Better unit test coverage.
In tests/table_test.rs, this implementation is tested to yield the same results as:
- https://github.com/typed-io/rust-ed25519-bip32
- Ledger's reference
implementation,
which showcases what their SDK's
os_perso_derive_node_bip32_seed_key()
function computes. Ledger uses this to derive e.g. Cardano keys.