😶‍🌫️

The Fluidkey Stealth Account Kit is an open source TypeScript library containing the core cryptographic functions used by Fluidkey. It enables anyone to independently generate and recover stealth smart accounts and related funds.

A written companion explaining the usage of the kit in Fluidkey's processes can be found in the technical walkthrough.

We hope to see more developers build privacy-preserving applications with the kit. If you have questions about the kit or want to contribute, reach out at [email protected].

Contents

The library is composed of the following functions:

• generateKeysFromSignature: generates a user's private keypair from a signature
• extractViewingPrivateKeyNode: extracts a BIP-32 node from a private viewing key
• generateEphemeralPrivateKey: generates an ephemeral private key based on the private viewing key node
• generateStealthAddresses: generates stealth addresses based on an ephemeral secret and a list of public spending keys
• generateStealthPrivateKey: generates the private key of the account controlling the stealth Safe
• predictStealthSafeAddressWithClient: predicts the address of a stealth Safe based on a list of stealth address owners (EOAs) calling the Safe Proxy Factory Deployment contract
• predictStealthSafeAddressWithBytecode: predicts the address of a stealth Safe based on a list of stealth address owners (EOAs) simulating the CREATE2 call using the bytecode of the to-be deployed Safe Proxy
• generateFluidkeyMessage: generates the Fluidkey-specific key generation message

An example of how to use these functions to recover stealth accounts based on a user's private key can be found in the example folder.

[!WARNING] generateKeysFromSignature, extractViewingPrivateKeyNode, and generateStealthPrivateKey should only be used client-side, as they expose the user's private keys.

Get Started

To get started, install the package with your preferred package manager.

npm install @fluidkey/stealth-account-kit
yarn add @fluidkey/stealth-account-kit

Then start using the library by importing the functions you need.

import { 
  generateKeysFromSignature, 
  extractViewingPrivateKeyNode,
  generateEphemeralPrivateKey,
  generateStealthAddresses,
  predictStealthSafeAddressWithClient,
} from '@fluidkey/stealth-account-kit'

Fluidkey Parameters

To recover stealth accounts generated by Fluidkey, the following parameters should be used.

const chainId = 0
const safeVersion = '1.3.0'
const useDefaultAddress = true
const threshold = 1

Audits

The Fluidkey Stealth Account Kit has been audited by Dedaub in May 2024. You can find the full audit report here.

Dependencies

• viem and its dependencies, specifically:
  • noble-hashes
  • scure-bip32
• noble-secp256k1
• safe-deployments

Credits

This code has been influenced by, and contains code from umbra-js.

Coverage

License

This project is licensed under the MIT License - see the LICENSE file for details.

Copyright (c) 2024 Fluid Privacy SA