tessl/npm-polkadot--util-crypto

A collection of useful crypto utilities for Polkadot ecosystem projects

—

Pending

Quality

Pending

Does it follow best practices?

Impact

Pending

No eval scenarios have been run

Overview

Eval results

Files

Mnemonic Management

Name: tessl/npm-polkadot--util-crypto
Author: tessl

BIP39-compatible mnemonic generation, validation, and seed derivation for creating human-readable backup phrases for cryptographic keys.

Capabilities

Mnemonic Generation

Generate cryptographically secure BIP39-compatible mnemonic phrases.

/**
 * Generate a BIP39 mnemonic phrase
 * @param numWords - Number of words (12, 15, 18, 21, or 24)
 * @param wordlist - Optional custom wordlist (defaults to English)
 * @returns BIP39 mnemonic string
 */
function mnemonicGenerate(numWords?: 12 | 15 | 18 | 21 | 24, wordlist?: string[]): string;

Usage Example:

import { mnemonicGenerate } from "@polkadot/util-crypto";

// Generate 12-word mnemonic (default)
const mnemonic12 = mnemonicGenerate();
console.log(mnemonic12); // "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about"

// Generate 24-word mnemonic for higher security
const mnemonic24 = mnemonicGenerate(24);
console.log(mnemonic24.split(' ').length); // 24

// Generate 15-word mnemonic
const mnemonic15 = mnemonicGenerate(15);

Mnemonic Validation

Validate BIP39 mnemonic phrases for correctness.

/**
 * Validate a BIP39 mnemonic phrase
 * @param mnemonic - Mnemonic string to validate
 * @param wordlist - Optional custom wordlist
 * @returns true if mnemonic is valid
 */
function mnemonicValidate(mnemonic: string, wordlist?: string[]): boolean;

Usage Example:

import { mnemonicGenerate, mnemonicValidate } from "@polkadot/util-crypto";

const mnemonic = mnemonicGenerate();
const isValid = mnemonicValidate(mnemonic);
console.log("Valid mnemonic:", isValid); // true

// Test invalid mnemonic
const invalid = "invalid mnemonic phrase here";
const isInvalid = mnemonicValidate(invalid);
console.log("Invalid mnemonic:", isInvalid); // false

Mnemonic to Mini Secret

Convert mnemonic to mini secret for sr25519 key derivation.

/**
 * Convert mnemonic to mini secret (32 bytes)
 * @param mnemonic - BIP39 mnemonic phrase
 * @param password - Optional password for additional security
 * @returns 32-byte mini secret for sr25519
 */
function mnemonicToMiniSecret(mnemonic: string, password?: string): Uint8Array;

Usage Example:

import { 
  mnemonicGenerate, 
  mnemonicToMiniSecret, 
  sr25519PairFromSeed 
} from "@polkadot/util-crypto";

const mnemonic = mnemonicGenerate();

// Without password
const seed = mnemonicToMiniSecret(mnemonic);
const pair = sr25519PairFromSeed(seed);

// With password for additional security
const seedWithPassword = mnemonicToMiniSecret(mnemonic, "my-secure-password");
const pairWithPassword = sr25519PairFromSeed(seedWithPassword);

Mnemonic to Legacy Seed

Convert mnemonic to legacy seed format for backward compatibility.

/**
 * Convert mnemonic to BIP39-compatible seed (deprecated - use mnemonicToMiniSecret for new projects)
 * @param mnemonic - BIP39 mnemonic phrase
 * @param password - Optional password for seed derivation (default: '')
 * @param onlyJs - Optional: force JavaScript implementation (default: false)
 * @param byteLength - Optional: seed length 32 or 64 bytes (default: 32)
 * @param rounds - Optional: PBKDF2 iterations (default: 2048)
 * @returns Seed bytes for compatibility with Bitcoin/Ethereum wallets
 */
function mnemonicToLegacySeed(mnemonic: string, password?: string, onlyJs?: boolean, byteLength?: 32 | 64, rounds?: number): Uint8Array;

Usage Example:

import { mnemonicToLegacySeed, ed25519PairFromSeed } from "@polkadot/util-crypto";

const mnemonic = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about";
const legacySeed = mnemonicToLegacySeed(mnemonic);

// Use first 32 bytes for ed25519
const pair = ed25519PairFromSeed(legacySeed.slice(0, 32));

Mnemonic to Entropy

Extract entropy from a BIP39 mnemonic phrase.

/**
 * Convert mnemonic to entropy bytes
 * @param mnemonic - BIP39 mnemonic phrase
 * @param wordlist - Optional custom wordlist
 * @returns Entropy bytes (16, 20, 24, 28, or 32 bytes)
 */
function mnemonicToEntropy(mnemonic: string, wordlist?: string[]): Uint8Array;

Usage Example:

import { mnemonicGenerate, mnemonicToEntropy } from "@polkadot/util-crypto";

const mnemonic = mnemonicGenerate(12);
const entropy = mnemonicToEntropy(mnemonic);
console.log(entropy.length); // 16 bytes for 12-word mnemonic

const mnemonic24 = mnemonicGenerate(24);
const entropy24 = mnemonicToEntropy(mnemonic24);
console.log(entropy24.length); // 32 bytes for 24-word mnemonic

Complete Workflow Example

import { 
  cryptoWaitReady,
  mnemonicGenerate,
  mnemonicValidate,
  mnemonicToMiniSecret,
  sr25519PairFromSeed,
  encodeAddress
} from "@polkadot/util-crypto";

async function createAccount() {
  // Initialize crypto
  await cryptoWaitReady();
  
  // Generate mnemonic
  const mnemonic = mnemonicGenerate(24);
  console.log("Mnemonic:", mnemonic);
  
  // Validate mnemonic
  if (!mnemonicValidate(mnemonic)) {
    throw new Error("Invalid mnemonic generated");
  }
  
  // Convert to seed with password
  const password = "my-secure-password";
  const seed = mnemonicToMiniSecret(mnemonic, password);
  
  // Generate key pair
  const pair = sr25519PairFromSeed(seed);
  
  // Generate address
  const address = encodeAddress(pair.publicKey, 0); // Polkadot network
  
  return {
    mnemonic,
    address,
    publicKey: pair.publicKey
  };
}

Security Best Practices

Mnemonic Storage

Store mnemonics securely offline (paper backup, hardware wallet)
Never store mnemonics in plain text files or databases
Consider splitting mnemonics using Shamir's Secret Sharing
Use strong passwords when deriving seeds

Entropy Quality

Use system random number generator for mnemonic generation
Verify entropy quality in production environments
Consider hardware random number generators for high-security applications

Password Protection

Use strong, unique passwords for mnemonic-to-seed conversion
Store passwords separately from mnemonics
Consider using key stretching for password-based derivation

Mnemonic Word Counts and Security

Words	Entropy	Security Level
12	128 bits	Standard
15	160 bits	Enhanced
18	192 bits	High
21	224 bits	Very High
24	256 bits	Maximum

BIP39 Compliance

Fully compatible with BIP39 standard
Supports English wordlist by default
Checksum validation prevents typos
Compatible with hardware wallets and other BIP39 implementations

Install with Tessl CLI

npx tessl i tessl/npm-polkadot--util-crypto

docs

key-derivation-pbkdf.md

tessl/npm-polkadot--util-crypto

mnemonic.md.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}docs/

Mnemonic Management

Capabilities

Mnemonic Generation

Mnemonic Validation

Mnemonic to Mini Secret

Mnemonic to Legacy Seed

Mnemonic to Entropy

Complete Workflow Example

Security Best Practices

Mnemonic Storage

Entropy Quality

Password Protection

Mnemonic Word Counts and Security

BIP39 Compliance

mnemonic.mddocs/