recovery

package

v0.10.0 Latest Latest Go to latest Published: Apr 30, 2026 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Shin-R2un/kpot

Links

Open Source Insights

Documentation ¶

Overview ¶

Package recovery encodes and decodes the two recovery-key formats supported by kpot v0.3+: BIP-39 mnemonics (12 or 24 words) and a 32-byte secret key rendered as Crockford Base32. Recovery keys derive a Key Encryption Key (KEK) used to wrap the vault's Data Encryption Key (DEK); the entropy in either format is high enough that we use cheap KDFs (PBKDF2 / HKDF) rather than Argon2id.

Index ¶

func FormatSecretKey(raw []byte) string
func GenerateSecretKey() (display string, raw []byte, err error)
func GenerateSeed(words int) (mnemonic string, err error)
func HexFingerprint(raw []byte) string
func NormalizeMnemonic(s string) string
func ParseSecretKey(s string) ([]byte, error)
func SecretKeyToKEK(raw []byte) ([]byte, error)
func SeedToKEK(mnemonic string) ([]byte, error)
type Type
- func ParseType(s string) (Type, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func FormatSecretKey ¶

func FormatSecretKey(raw []byte) string

FormatSecretKey renders raw bytes as Crockford Base32 with hyphen separators every 8 chars (e.g. AAAAAAAA-BBBBBBBB-...) so eyes can track position when copying onto paper.

func GenerateSecretKey ¶

func GenerateSecretKey() (display string, raw []byte, err error)

GenerateSecretKey returns 32 bytes of randomness rendered as the canonical Crockford Base32 form (52 chars, hyphenated for read-aloud).

func GenerateSeed ¶

func GenerateSeed(words int) (mnemonic string, err error)

GenerateSeed produces a fresh BIP-39 mnemonic. words must be 12 or 24. The returned string is space-separated and ready for display.

func HexFingerprint ¶

func HexFingerprint(raw []byte) string

HexFingerprint returns a short tag for diagnostics that doesn't reveal the secret. Currently the first 4 bytes of SHA-256 hex.

func NormalizeMnemonic ¶

func NormalizeMnemonic(s string) string

NormalizeMnemonic lower-cases and collapses whitespace so paste noise (extra spaces, CR/LF, weirdly capitalized words) doesn't reject a legitimate seed.

func ParseSecretKey ¶

func ParseSecretKey(s string) ([]byte, error)

ParseSecretKey accepts either the hyphenated display form or a raw Crockford Base32 stream and returns the 32-byte secret. Mistypes like O→0 / I→1 / L→1 / U→V are silently corrected (Crockford spec).

func SecretKeyToKEK ¶

func SecretKeyToKEK(raw []byte) ([]byte, error)

SecretKeyToKEK derives a 32-byte KEK from the raw secret key using HKDF-SHA256. The salt is fixed (domain separation), info distinguishes this derivation from any future ones.

func SeedToKEK ¶

func SeedToKEK(mnemonic string) ([]byte, error)

SeedToKEK validates the mnemonic and derives a 32-byte KEK using the BIP-39 standard PBKDF2-HMAC-SHA512 (iteration count 2048, salt "mnemonic" + optional empty passphrase). We then take the first 32 bytes as the KEK. We deliberately don't accept a BIP-39 passphrase (the "25th word") in v0.3 — added complexity, marginal safety win.

Types ¶

type Type ¶

type Type string

Type names the recovery format stored in the vault header.

const (
	TypeSeedBIP39 Type = "seed-bip39"
	TypeSecretKey Type = "secret-key"
)

func ParseType ¶

func ParseType(s string) (Type, error)

ParseType returns the canonical Type for a user-supplied flag value.

Source Files ¶

View all Source files

recovery.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL