Skip to content

fix: SLIP-10 Ed25519 Solana derivation + auto-sweep migration#69

Merged
1bcMax merged 1 commit intomainfrom
fix/solana-slip10-derivation
Mar 4, 2026
Merged

fix: SLIP-10 Ed25519 Solana derivation + auto-sweep migration#69
1bcMax merged 1 commit intomainfrom
fix/solana-slip10-derivation

Conversation

@1bcMax
Copy link
Member

@1bcMax 1bcMax commented Mar 4, 2026

Summary

  • Fixed Solana wallet derivation from secp256k1 BIP-32 to SLIP-10 Ed25519 — now Phantom/Solflare/Backpack compatible
  • Auto-detect migration on startup: logs old vs new addresses with instructions
  • /wallet migrate-solana command to sweep USDC from legacy wallet to new wallet
  • Version bump to 0.12.0 (breaking derivation change)

Problem

deriveSolanaKeyBytes() used @scure/bip32's HDKey (secp256k1) for path m/44'/501'/0'/0'. All Solana wallets use SLIP-10 Ed25519. Same mnemonic + same path + different elliptic curve = completely different address. Users could not recover their Solana wallet from the 24-word mnemonic in any standard wallet.

Changes

File Change
src/wallet.ts SLIP-10 Ed25519 derivation + deriveSolanaKeyBytesLegacy()
src/auth.ts Migration detection + warning on startup
src/solana-sweep.ts New: sweep USDC from old → new wallet
src/index.ts /wallet migrate-solana command + exports
src/cli.ts Fix balance display for active chain
src/wallet.test.ts 22 tests with known test vectors

Test plan

  • npm test — 297 passed, 0 failed
  • Test mnemonic "abandon...art" → SLIP-10 address 3Cy3YNTFywCmxoxt8n7UH6hg6dLo5uACowX3CFceaSnx
  • Legacy function produces different address (FML75Ca...)
  • TypeScript compiles clean (tsc --noEmit)
  • Manual test: /wallet migrate-solana with funded legacy wallet

@1bcMax
fix: use SLIP-10 Ed25519 for Solana wallet derivation (Phantom-compat…
b6dbc39 
…ible)

The old derivation used secp256k1 BIP-32 (HDKey) for Solana keys at
m/44'/501'/0'/0'. All Solana wallets (Phantom, Solflare, Backpack) use
SLIP-10 Ed25519 instead. Same mnemonic + same path + different curve =
completely different address, making mnemonic recovery impossible.

Changes:
- wallet.ts: SLIP-10 Ed25519 derivation via @noble/hashes HMAC-SHA512
- wallet.ts: old function preserved as deriveSolanaKeyBytesLegacy() for sweep
- auth.ts: migration detection on startup, logs old/new addresses
- solana-sweep.ts: new file to transfer USDC from legacy to new wallet
- index.ts: /wallet migrate-solana command + exports
- wallet.test.ts: known test vectors, Phantom address verification
@1bcMax 1bcMax merged commit bdb2406 into main Mar 4, 2026
2 of 3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@1bcMax