ImToken wallet library implementation

This article describes the implementation of wallet library as in https://github.com/consenlabs/token-core-android. The library code was previously updated two years ago. It should be superseded by TokenCoreX. The library supports Bitcoin, Ethereum blockchain.

This library is written in Java for Android app. The library implements key management and signing of transaction. There are two parts in this library, wallet and foundation.The wallet part contains address, keystore, transaction signing, user identity, wallet management code.

When wallet object is generated, it is passed a keystore . The keystore contains the metadata (name, password hint, timestamp, network type), the id (just a number), address and crypto object. The wallet manager has a keystore mapping of id string to keystore. The keystore is used to retrieve the wallet object. The wallet supports exporting the private key, the mnemonic, key store.

Keystore contains a single random private key.

The user identity is characterised by metadata, mnemonic, and password. There is a list of wallets associated with the identity.

When a new user identity is created, the use inputs the password, the library returns the 12 word mnemonic and the public address. The address is generated using bitcoinj library. The bitcoin, segwit and ethereum addresses are supported.

In the foundation code, the crypto object can be created using PBKDF2 or SCRYPT cryptography. The crypto object contains the cipher, ciphertext, cipherparams, derived key, kdf, kdfparams, hashing mac, etc.

Cipher is the name of crypto algorithm.

Ciphertext is just hex value of private key, created from encryption of derived key, iv and origin. Origin can be mnemonics or private keys.

Cipherparams are parameters required for the cipher above.

Derived key is generated from password or ciphertext.

Kdf is key derivation function that encrypts keystore file with a password.

Kdfparams are parameters for the kdf above

Hashing mac is code used to verify password.

The Kdf is a password stretching function. The password is stretched by repeatedly hashing it.

The foundation code has utilities function to generate random bytes , check for valid hex, converts bytes to big integer, big integer to hex. There is mnemonic code generation using bitcoinj code.

The foundation code uses RLP encoder to encode the ethereum transaction. The signing of ethereum transaction is performed using keccak256 hash. The resulting hash is signed with elliptic curve key.

For bitcoin transaction, a new transaction object is formed, adding output, input and changed amount. The transaction is from bitcoinj library. Using the ECDSA , a transaction sig is created. It is then added to the script sig.

The transaction signing supports signing of EOS transaction. The DER (Distinguished encoding rules) is used to encode ECDSA signature. The signature is generated using a private key and a hash of the signed message. DER consists of (r, s) — two 32 byte numbers. The DER signature format is : 0x30 | (one byte to encode length of following data)| 0x02 | (one byte length of r) | r | 0x02 | (one byte length of s )| s

In the wallet code, there are some basic models , such as private/public key pair, ethereum network type (mainnet, testnet, kovan, ropsten). Metadata definition is in wallet code as well.