kccleoc/pyhdwallet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
53 Commits 1 Branch 1 Tag
main
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
LC mac 4933168ae4 docs: update for multi-platform vendor support (v1.1.0) 
- Update README.md with 6 vendor directories (macOS/Linux x86/ARM + dev)
- Update playbook.md with complete air-gapped workflow
- Document auto-detection in install_offline.sh
- Add dev mode documentation (--dev flag)
- Add platform-specific checksum verification commands
- Add operational security checklist
- Add vendor architecture diagram
- Document macOS native vs Docker build requirements

Complete support for:
- macOS ARM64 (Apple Silicon)
- Linux x86_64 (Intel/AMD)
- Linux aarch64 (ARM64/Raspberry Pi/Mac containers)
2026-01-12 18:22:57 +08:00
src
chore: cleanup build artifacts and add .gitignore
2026-01-10 00:39:06 +08:00
tests
rebuild the offline wheel using Linux environment; add a test asc file to git
2026-01-09 14:41:45 +00:00
vendor
vendor: add complete multi-platform support (runtime + dev)
2026-01-12 17:57:08 +08:00
.gitignore
vendor: add complete multi-platform support (runtime + dev)
2026-01-12 17:18:28 +08:00
build_binary_linux.sh
chore: cleanup build artifacts and add .gitignore
2026-01-10 00:39:06 +08:00
build_binary.sh
chore: cleanup build artifacts and add .gitignore
2026-01-10 00:39:06 +08:00
build-all-platforms.sh
Refs: offline install via vendored wheels and test verification workflow (see README/playbook updates)
2026-01-08 01:45:25 +08:00
Dockerfile
Refs: offline install via vendored wheels and test verification workflow (see README/playbook updates)
2026-01-08 01:45:25 +08:00
install_offline.sh
vendor: add complete multi-platform support (runtime + dev)
2026-01-12 17:18:28 +08:00
LICENSE
Update project files from demo
2026-01-05 15:24:12 +00:00
Makefile
vendor: add complete multi-platform support (runtime + dev)
2026-01-12 17:57:08 +08:00
playbook.md
docs: update for multi-platform vendor support (v1.1.0)
2026-01-12 18:22:57 +08:00
pytest.ini
feat(bip85): add gen-child command (v1.0.6)
2026-01-09 18:46:19 +08:00
README.md
docs: update for multi-platform vendor support (v1.1.0)
2026-01-12 18:22:57 +08:00
requirements-dev.in
Refs: offline install via vendored wheels and test verification workflow (see README/playbook updates)
2026-01-08 01:45:25 +08:00
requirements-dev.txt
Refs: offline install via vendored wheels and test verification workflow (see README/playbook updates)
2026-01-08 01:45:25 +08:00
requirements.in
Refs: offline install via vendored wheels and test verification workflow (see README/playbook updates)
2026-01-08 01:45:25 +08:00
requirements.txt
chore: recompile requirements.txt
2026-01-09 18:55:57 +08:00

README.md

pyhdwallet Secure HD Wallet Tool

Deterministic BIP32/BIP39/BIP44 HD wallet generator for Bitcoin, Ethereum, and other cryptocurrencies. Designed for air-gapped, offline use with multi-platform support.

📦 Installation

Quick Start (macOS/Linux with Internet)

# Clone repository
git clone https://github.com/yourusername/hdwalletpy.git
cd hdwalletpy

# Install using automated script
./install_offline.sh

Air-Gapped Installation (No Internet)

The project includes pre-built vendored wheels for offline installation on:

  • macOS ARM64 (Apple Silicon)
  • Linux x86_64 (Intel/AMD servers)
  • Linux aarch64 (ARM64 servers, Raspberry Pi, Mac containers)

Steps:

  1. On internet-connected machine:

    git clone https://github.com/yourusername/hdwalletpy.git
cd hdwalletpy

# Verify vendor checksums
cd vendor/macos-arm64 && shasum -a 256 -c SHA256SUMS      # macOS
cd vendor/linux-x86_64 && sha256sum -c SHA256SUMS         # Linux x86
cd vendor/linux-aarch64 && sha256sum -c SHA256SUMS        # Linux ARM

  2. Transfer to USB/CD:

    # Copy entire repository to USB drive
cp -r hdwalletpy /Volumes/USB/

  3. On air-gapped machine:

    cd /path/to/hdwalletpy

# Ensure Python 3.12 is installed
python3.12 --version

# Run offline installer (auto-detects platform)
./install_offline.sh

# Activate virtual environment
source .venv/bin/activate

# Generate wallet
python src/pyhdwallet.py gen --help

Developer Installation (with Docker)

Build wheels and run tests across all platforms:

# Build Docker image
make build-image

# Build vendor wheels for all platforms
make vendor-all          # Runtime wheels only
make vendor-all-dev      # Runtime + dev wheels (pytest)

# Install development environment
make install-dev-offline

# Run tests
make test

Basic Usage

# Generate wallet (prints mnemonic - debug mode)
python src/pyhdwallet.py gen

# Generate with off-screen mode + encrypted ZIP
python src/pyhdwallet.py gen --file --zip

# Generate with PGP encryption + ZIP
python src/pyhdwallet.py gen --file --zip --pgp recipient@example.com

# Recover wallet from mnemonic
python src/pyhdwallet.py recover

# Fetch PGP public key (requires internet)
python src/pyhdwallet.py fetchkey keyserver.ubuntu.com recipient@example.com

# Run tests
python src/pyhdwallet.py test

🔐 Security Features

  • BIP39 24-word mnemonic generation
  • BIP32 hierarchical deterministic wallet derivation
  • BIP44 multi-currency account structure
  • Air-gapped operation with vendored dependencies
  • AES-256 encrypted ZIP artifacts with password protection
  • PGP encryption support for at-rest storage
  • Deterministic output for reproducible wallet generation
  • Multi-platform offline support (macOS, Linux x86/ARM)
  • Checksum verification for vendored wheels

🛠️ Makefile Targets

Vendoring (Air-Gapped Deployment)

make vendor-macos         # Build macOS ARM64 wheels
make vendor-macos-dev     # Build macOS dev wheels (pytest)
make vendor-linux         # Build Linux x86_64 wheels (Docker)
make vendor-linux-dev     # Build Linux x86_64 dev wheels
make vendor-linux-arm     # Build Linux ARM64 wheels (Docker)
make vendor-linux-arm-dev # Build Linux ARM64 dev wheels
make vendor-all           # Build runtime wheels for ALL platforms
make vendor-all-dev       # Build dev wheels for ALL platforms
make verify-vendor        # Test offline installation

Binary Distribution

make binary               # Build standalone binary for current platform
make binary-linux         # Build Linux binary via Docker
make binary-all           # Build binaries for all platforms

Development Workflow

make install              # Create venv and install dependencies
make install-offline      # Install from vendor/ (offline)
make install-dev-offline  # Install dev dependencies (offline)
make test                 # Run test suite
make clean                # Remove venv, cache, vendor/
make clean-vendor         # Remove vendor/ only

Release Management

make release              # Build complete release package
make release-test         # Test release binaries
make clean-release        # Remove release artifacts

📖 Full Documentation

See playbook.md for:

  • Detailed air-gapped security setup
  • Multi-platform installation guide
  • PGP key management
  • Operational security checklist
  • Troubleshooting guide
  • Testing and development workflows

🔒 Recommended Air-Gapped Setup

  1. Build/verify on trusted internet machine
  2. Transfer via USB/CD to air-gapped machine
  3. Verify checksums before installation
  4. Generate wallet offline with PGP encryption
  5. Store encrypted artifacts on separate media
  6. Test recovery process before real use

Threat model: Protects against network-based attacks, remote exploitation, and keyloggers. Physical security and operational discipline required.

📝 License

MIT License - See LICENSE for details.

🙏 Credits

Built with:

  • bip-utils - BIP32/39/44 implementation
  • PyInstaller - Binary packaging
  • Python 3.12 and cryptography libraries
Reference in New Issue View Git Blame Copy Permalink
Description
HD wallets Gen/Recover/Encrypt
Readme MIT 52 MiB
Languages
Python 69.5%
Makefile 16.6%
Shell 13.4%
Dockerfile 0.5%