SecretKeyWallet

Defined in: ootle-secret-key-wallet/src/secret-key-wallet.ts:30

A local signer that holds a secret key (and optional view-only key) in memory, using the WASM module for transaction hashing and Schnorr signing.

For production use, prefer WalletDaemonSigner so the secret key never lives in JavaScript memory.

Prefer SecretKeyWallet.getViewSecret for view-secret access; SecretKeyWallet.getViewOnlySecret is retained for back-compat.

Implements

• Signer

Properties

network

readonly network: Network

Defined in: ootle-secret-key-wallet/src/secret-key-wallet.ts:35

Methods

addStealthSignature()

addStealthSignature(unsignedJson, publicNonce, sealPublicKey, ctx): Promise<TransactionSignature>

Defined in: ootle-secret-key-wallet/src/secret-key-wallet.ts:168

Produces a one-time spend-key signature for a stealth input (Signer.addStealthSignature).

Derives the one-time spend scalar (c + k) for the owned stealth UTXO via stealthDhSecret(network, ownerSecret, publicNonce), then signs via the WASM addTransactionSigner (same path as signTransaction).

The returned TransactionSignature carries the one-time spend public key (not the wallet’s owner public key) — it authorizes the specific stealth UTXO being spent.

Parameters

unsignedJson

string

publicNonce

Uint8Array

sealPublicKey

Uint8Array

ctx

crypto

SignerStealthCrypto

Returns

Promise<TransactionSignature>

Implementation of

Signer.addStealthSignature

---

getAddress()

getAddress(): Promise<string>

Defined in: ootle-secret-key-wallet/src/secret-key-wallet.ts:110

Returns

Promise<string>

Throws

when the view-only key has not been set on this wallet.

Implementation of

Signer.getAddress

---

getPublicKey()

getPublicKey(): Promise<Uint8Array<ArrayBufferLike>>

Defined in: ootle-secret-key-wallet/src/secret-key-wallet.ts:121

Returns the raw public key bytes for this signer.

Returns

Promise<Uint8Array<ArrayBufferLike>>

Implementation of

Signer.getPublicKey

---

getViewOnlySecret()

getViewOnlySecret(): Uint8Array<ArrayBufferLike> | null

Defined in: ootle-secret-key-wallet/src/secret-key-wallet.ts:133

Returns the view-only secret key, if one was set. Used for stealth/confidential output scanning.

Deprecated

Use getViewSecret instead. This method signals a missing view key via a null return; getViewSecret throws a WalletError with an actionable message.

Returns

Uint8Array<ArrayBufferLike> | null

---

getViewSecret()

getViewSecret(): Promise<Uint8Array<ArrayBufferLike>>

Defined in: ootle-secret-key-wallet/src/secret-key-wallet.ts:147

Returns the view-only secret for stealth scanning/spending (Signer.getViewSecret).

Intentionally duplicates getViewOnlySecret (the pre-existing synchronous public accessor): this async method conforms to the Signer interface, while the original is kept unchanged to avoid a breaking API change.

Returns

Promise<Uint8Array<ArrayBufferLike>>

Throws

when no view-only secret is set on this wallet (e.g. a wallet built via fromSecretKey/fromKeypair without a view secret).

Implementation of

Signer.getViewSecret

---

signTransaction()

signTransaction(unsignedTx, sealPublicKey): Promise<TransactionSignature[]>

Defined in: ootle-secret-key-wallet/src/secret-key-wallet.ts:180

Signs the given unsigned transaction and returns the collected signatures.

sealPublicKey is mixed into the transaction hash (hashUnsignedTransaction(JSON.stringify(tx), sealPublicKey)) so every signature in the final envelope verifies against the SAME hash — the engine’s seal verification enforces this. Implementations MUST hash with the supplied sealPublicKey, not their own.

Parameters

unsignedTx

UnsignedTransactionV1

sealPublicKey

Uint8Array

Returns

Promise<TransactionSignature[]>

Implementation of

Signer.signTransaction

---

fromKeypair()

static fromKeypair(ownerSecretKey, ownerPublicKey, network, viewOnlySecret?): SecretKeyWallet

Defined in: ootle-secret-key-wallet/src/secret-key-wallet.ts:91

Creates a wallet directly from a secret key and its corresponding public key. Use this overload if you already have both keys (e.g. from key storage).

Parameters

ownerSecretKey

Uint8Array

ownerPublicKey

Uint8Array

network

Network

viewOnlySecret?

Uint8Array<ArrayBufferLike>

Returns

SecretKeyWallet

Throws

if ownerSecretKey, ownerPublicKey, or viewOnlySecret (when supplied) is not exactly 32 bytes.

---

fromSecretKey()

static fromSecretKey(ownerSecretKey, network, viewOnlySecret?): SecretKeyWallet

Defined in: ootle-secret-key-wallet/src/secret-key-wallet.ts:69

Creates a wallet from an existing hex-encoded account secret key. The public key is derived via wasm.derivePublicKey.

Parameters

ownerSecretKey

Uint8Array

network

Network

viewOnlySecret?

Uint8Array<ArrayBufferLike>

Returns

SecretKeyWallet

Throws

if ownerSecretKey (or viewOnlySecret, when supplied) is not exactly 32 bytes.

---

randomWithViewKey()

static randomWithViewKey(network): SecretKeyWallet

Defined in: ootle-secret-key-wallet/src/secret-key-wallet.ts:56

Generates a fresh random account keypair and a separate random view-only key. The view-only key is used for stealth/confidential output scanning. Mirrors OotleSecretKey { account_secret, view_only_secret } from ootle-rs.

Parameters

network

Network

Returns

SecretKeyWallet