Use HMAC SHA-256 with configurable amount of rounds to generate seed for HD wallet, also show the generated seed in WIF format.

2026-05-10 02:25:21 +02:00 · 2021-04-05 18:15:33 +02:00
3 changed files with 50 additions and 46 deletions
@@ -582,12 +582,27 @@
 							</span>
 						</div>

+						<label>Seed (WIF)</label>
+						<div class="input-group">
+							<input id="newHDseed" type="text" class="form-control" value="" readonly>
+							<span class="input-group-btn">
+								<button class="deriveHDbtn btn btn-default" type="button"><span title="Derive from key" class="glyphicon glyphicon-chevron-right"></span></button>
+							</span>
+						</div>
+
 						<h3>Address Options</h3>
 						<p>You can use the advanced options below to generate different kinds of master addresses.</p>
 						
 						<div class="checkbox">
 							<label><input type="checkbox" id="newHDBrainwallet" class="checkbox-inline"> Custom Seed or Brain Wallet</label>
-							<input type="text" class="form-control hidden" id="HDBrainwallet">
+							<div class="hidden" id="HDBrainwalletInput">
+								<input type="text" class="form-control" id="HDBrainwallet">
+								<span class="text-muted">
+									Number of HMAC SHA-256 iterations for seed generation, higher value mean's also longer calculation
+									(use value 0 to calculate just SHA-256, like in previous coinb.in versions):
+									<input type="text" class="form-control" id="HDBrainwalletIters" value="50000" size="10">
+								</span>
+							</div>
 						</div>

 						<input type="button" class="btn btn-primary" value="Generate" id="newHDKeysBtn">
@@ -1191,7 +1206,7 @@
 							<p>The path of key derivation</p>

 							<div class="row">
-								<div class="col-md-6">
+								<div class="col-md-8">
 									<b>Path</b><br>
 									<select class="form-control" id="hdpathtype"">
 										<option value="simple">Simple: m/i</option>
@@ -1216,15 +1231,6 @@
 									<input type="text" class="form-control derivation_index_end" value="1">
 								</div>

-								<div class="col-md-2">
-									<b>Address format</b><br>
-									<select class="form-control derivation_addr_format">
-										<option value="bech32">Bech32</option>
-										<option value="segwit">SegWit</option>
-										<option value="legacy">Legacy</option>
-									</select>
-								</div>
-
 							</div>

 							<hr>
@@ -1235,7 +1241,7 @@
 							<div class="derived_data">
 								<table class="table table-striped table-hover">
 									<thead>
-										<tr><td><b>Index</b></td><td><b>Address</b></td><td><b>Redeem script</b></td><td><b>Private Key (WIF)</b></td><td><b>Extended xPub</b></td><td><b>Extended xPrv</b></td></tr>
+										<tr><td><b>Index</b></td><td><b>Address</b><td><b>Private Key (WIF)</b></td></td><td><b>Extended xPub</b></td><td><b>Extended xPrv</b></td></tr>
 									</thead>
 									<tbody>
 									</tbody>
@@ -608,6 +608,7 @@
 				r.parent_fingerprint = bytes.slice(5, 9);
 				r.child_index = coinjs.uint(bytes.slice(9, 13), 4);
 				r.chain_code = bytes.slice(13, 45);
+				r.seed_wif = '';
 				r.key_bytes = bytes.slice(45, 78);

 				var c = coinjs.compressed; // get current default
@@ -618,20 +619,10 @@
 					var privkey = (r.key_bytes).slice(1, 33);
 					var privkeyHex = Crypto.util.bytesToHex(privkey);
 					var pubkey = coinjs.newPubkey(privkeyHex);
-					var addr_format = $("#verifyHDaddress .derivation_addr_format").val();
-					if (addr_format == "bech32") {
-						var address = coinjs.bech32Address(pubkey);
-					} else if (addr_format == "segwit") {
-						var address = coinjs.segwitAddress(pubkey);
-					} else {
-						var address = {'address': coinjs.pubkey2address(pubkey),
-							'redeemscript': ''};
-					}

 					r.keys = {'privkey':privkeyHex,
 						'pubkey':pubkey,
-						'address':address.address,
-						'script':address.redeemscript,
+						'address':coinjs.pubkey2address(pubkey),
 						'wif':coinjs.privkey2wif(privkeyHex)};

 				} else if(r.key_bytes[0] == 0x02 || r.key_bytes[0] == 0x03) {
@@ -706,34 +697,23 @@
 			var ecparams = EllipticCurve.getSECCurveByName("secp256k1");
 			var curve = ecparams.getCurve();

-			var k, key, pubkey, o, addr_format, address_fun, address;
+			var k, key, pubkey, o;

 			o = coinjs.clone(this);
 			o.chain_code = ir;
 			o.child_index = i;

-			addr_format = $("#verifyHDaddress .derivation_addr_format").val();
-			if (addr_format == "bech32") {
-				address_fun = function(pk) { return coinjs.bech32Address(pk); };
-			} else if (addr_format == "segwit") {
-				address_fun = function(pk) { return coinjs.segwitAddress(pk); };
-			} else {
-				address_fun = function(pk) {
-					return {'address': coinjs.pubkey2address(pk), 'redeemscript': ''};
-				};
-			}
 			if(this.type=='private'){
 				// derive key pair from from a xprv key
 				k = il.add(new BigInteger([0].concat(Crypto.util.hexToBytes(this.keys.privkey)))).mod(ecparams.getN());
 				key = Crypto.util.bytesToHex(k.toByteArrayUnsigned());

 				pubkey = coinjs.newPubkey(key);
-				address = address_fun(pubkey);
+
 				o.keys = {'privkey':key,
 					'pubkey':pubkey,
 					'wif':coinjs.privkey2wif(key),
-					'address':address.address,
-					'script':address.redeemscript};
+					'address':coinjs.pubkey2address(pubkey)};

 			} else if (this.type=='public'){
 				// derive xpub key from an xpub key
@@ -750,11 +730,9 @@
 					publicKeyBytesCompressed.unshift(0x03)
 				}
 				pubkey = Crypto.util.bytesToHex(publicKeyBytesCompressed);
-				address = address_fun(pubkey);

 				o.keys = {'pubkey':pubkey,
-					'address':address.address,
-					'script':address.redeemscript}
+					'address':coinjs.pubkey2address(pubkey)}
 			} else {
 				// fail
 			}
@@ -765,8 +743,23 @@
 		}

 		// make a master hd xprv/xpub
-		r.master = function(pass) {
-			var seed = (pass) ? Crypto.SHA256(pass) : coinjs.newPrivkey();
+		r.master = function(pass, iters) {
+			if (pass) {
+				var seed_iters = (iters) ? Math.abs(iters * 1) : 0;
+				if (seed_iters == 0) {
+					var seed = Crypto.SHA256(pass);
+				} else {
+					var seed = Crypto.util.hexToBytes("0000000000000000000000000000000000000000000000000000000000000000");
+					for (var i = 0; i < seed_iters; i++) {
+						seed = Crypto.HMAC(Crypto.SHA256, seed, pass, { asBytes: true });
+					}
+					seed = Crypto.util.bytesToHex(seed);
+				}
+			} else {
+				var seed = coinjs.newPrivkey();
+			}
+
+			var seed_wif = coinjs.privkey2wif(seed);
 			var hasher = new jsSHA(seed, 'HEX');
 			var I = hasher.getHMAC("Bitcoin seed", "TEXT", "SHA-512", "HEX");

@@ -778,6 +771,7 @@
 				'parent_fingerprint':[0,0,0,0],
 				'child_index':0,
 				'chain_code':chain,
+				'seed_wif':seed_wif,
 				'privkey':I.slice(0, 64),
 				'pubkey':coinjs.newPubkey(I.slice(0, 64))});
 		}
@@ -822,6 +816,8 @@
 				var ret = pub.concat(checksum);
 				o.pubkey = coinjs.base58encode(ret);
 			}
+
+			o.seed_wif = data.seed_wif;
 			return o;
 		}

@@ -570,18 +570,20 @@ $(document).ready(function() {
 	$("#newHDKeysBtn").click(function(){
 		coinjs.compressed = true;
 		var s = ($("#newHDBrainwallet").is(":checked")) ? $("#HDBrainwallet").val() : null;
+		var siters = ($("#newHDBrainwallet").is(":checked")) ? $("#HDBrainwalletIters").val()*1 : null;
 		var hd = coinjs.hd();
-		var pair = hd.master(s);
+		var pair = hd.master(s, siters);
 		$("#newHDxpub").val(pair.pubkey);
 		$("#newHDxprv").val(pair.privkey);
+		$("#newHDseed").val(pair.seed_wif);

 	});

 	$("#newHDBrainwallet").click(function(){
 		if($(this).is(":checked")){
-			$("#HDBrainwallet").removeClass("hidden");
+			$("#HDBrainwalletInput").removeClass("hidden");
 		} else {
-			$("#HDBrainwallet").addClass("hidden");
+			$("#HDBrainwalletInput").addClass("hidden");
 		}
 	});

@@ -1681,6 +1683,7 @@ $(document).ready(function() {
 			if(hex == hex_cmp_prv || hex == hex_cmp_pub){
 				var hd = coinjs.hd(s);
 				$("#verifyHDaddress .hdKey").html(s);
+				$("#verifyHDaddress .seed_wif").val(hd.seed_wif);
 				$("#verifyHDaddress .chain_code").val(Crypto.util.bytesToHex(hd.chain_code));
 				$("#verifyHDaddress .depth").val(hd.depth);
 				$("#verifyHDaddress .version").val('0x'+(hd.version).toString(16));
@@ -1714,7 +1717,6 @@ $(document).ready(function() {
 			html += '<tr>';
 			html += '<td>'+i+'</td>';
 			html += '<td><input type="text" class="form-control" value="'+derived.keys.address+'" readonly></td>';
-			html += '<td><input type="text" class="form-control" value="'+derived.keys.script+'" readonly></td>';
 			html += '<td><input type="text" class="form-control" value="'+((derived.keys.wif)?derived.keys.wif:'')+'" readonly></td>';
 			html += '<td><input type="text" class="form-control" value="'+derived.keys_extended.pubkey+'" readonly></td>';
 			html += '<td><input type="text" class="form-control" value="'+((derived.keys_extended.privkey)?derived.keys_extended.privkey:'')+'" readonly></td>';