Skip to content

Keystore

Utilities & types for working with Keystores.

Examples

Encrypting & Decrypting Private Keys

Private keys can be encrypted into a JSON keystore using Keystore.encrypt and decrypted using Keystore.decrypt:

import { Keystore, Secp256k1 } from 'ox'
 
// Generate a random private key.
const privateKey = Secp256k1.randomPrivateKey()
 
// Derive a key from a password.
const key = Keystore.pbkdf2({ password: 'testpassword' })
 
// Encrypt the private key.
const encrypted = await Keystore.encrypt(privateKey, key)
{
"crypto": {
"cipher": "aes-128-ctr",
"ciphertext": "...",
"cipherparams": {
"iv": "...",
},
"kdf": "pbkdf2",
"kdfparams": {
"salt": "...",
"dklen": 32,
"prf": "hmac-sha256",
"c": 262144,
},
"mac": "...",
},
"id": "...",
"version": 3,
}
// Decrypt the private key. const decrypted = await Keystore.decrypt(encrypted, key)
"0x..."

Functions

NameDescription
Keystore.decryptDecrypts a JSON keystore into a private key.
Keystore.encryptEncrypts a private key as a JSON keystore using a derived key.
Keystore.pbkdf2Derives a key from a password using PBKDF2.
Keystore.pbkdf2AsyncDerives a key from a password using PBKDF2.
Keystore.scryptDerives a key from a password using scrypt.
Keystore.scryptAsyncDerives a key from a password using scrypt.

Types

NameDescription
Keystore.KeyKey.
Keystore.KeystoreKeystore.
Keystore.Pbkdf2KeyPBKDF2 Key.
Keystore.ScryptKeyScrypt Key.