Keystore

Utilities & types for working with Keystores.

Examples

Encrypting & Decrypting Private Keys

Private keys can be encrypted into a JSON keystore using Keystore.encrypt and decrypted using Keystore.decrypt:

import { Keystore, Secp256k1 } from 'ox'
 
// Generate a random private key.
const privateKey = Secp256k1.randomPrivateKey()
 
// Derive a key from a password.
const key = Keystore.pbkdf2({ password: 'testpassword' })
 
// Encrypt the private key.
const encrypted = await Keystore.encrypt(privateKey, key)
{
   "crypto": {
     "cipher": "aes-128-ctr",
     "ciphertext": "...",
     "cipherparams": {
       "iv": "...",
     },
     "kdf": "pbkdf2",
     "kdfparams": {
       "salt": "...",
       "dklen": 32,
       "prf": "hmac-sha256",
       "c": 262144,
     },
     "mac": "...",
   },
   "id": "...",
   "version": 3,
 }
 // Decrypt the private key.
const decrypted = await Keystore.decrypt(encrypted, key)
"0x..."

Functions

Name	Description
`Keystore.decrypt`	Decrypts a JSON keystore into a private key.
`Keystore.encrypt`	Encrypts a private key as a JSON keystore using a derived key.
`Keystore.pbkdf2`	Derives a key from a password using PBKDF2.
`Keystore.pbkdf2Async`	Derives a key from a password using PBKDF2.
`Keystore.scrypt`	Derives a key from a password using scrypt.
`Keystore.scryptAsync`	Derives a key from a password using scrypt.

Types

Name	Description
`Keystore.Key`	Key.
`Keystore.Keystore`	Keystore.
`Keystore.Pbkdf2Key`	PBKDF2 Key.
`Keystore.ScryptKey`	Scrypt Key.