Feat/display account xpubs #998
Conversation
There was a problem hiding this comment.
Pull request overview
This PR implements a power user mode feature that allows advanced users to view extended public keys (xpubs) for their wallet accounts. The feature is protected by a password verification step and includes an auto-timeout mechanism for security.
Key changes:
- Added a power user mode toggle in settings that controls visibility of advanced features
- Implemented an account xpubs dialog with password verification that displays zpub/vpub formatted extended public keys
- Created utility functions for xpub extraction and conversion to native segwit format
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 14 comments.
Show a summary per file
| File | Description |
|---|---|
src/store/jamSettingsStore.ts |
Adds powerUserMode boolean property to jam settings state |
src/lib/xpub.ts |
New utility library for extracting and converting xpubs to native segwit format (zpub/vpub) |
src/i18n/locales/en/translation.json |
Adds translation keys for power user mode toggle and xpubs dialog UI |
src/components/settings/Settings.tsx |
Integrates power user mode toggle and conditionally displays xpubs menu item |
src/components/settings/AccountXpubsDialog.tsx |
New dialog component that handles password verification, xpub fetching, display, and auto-timeout |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
…, and translations
|
@kunal-595 Thanks for the PR. Being able to import the keys as watch-only in other software is essential. However, I think there is a problem showing the xpub from the api response: afaik it exports the "wrong" values (see JoinMarket-Org/joinmarket-clientserver#1586) I did not re-check it myself but any change you might have you verified it yourself? I think a good approach would be either: fix the values in the api response or calculate the values locally from the seed (there is already a dialog where a user needs to provide the passphrase to retrieve the seed - this could be done in a similar way). What do you think? |
- Add @scure/bip32 and @scure/bip39 for BIP32/BIP39 derivation - Create bip32.ts utility for deriving account-level xpubs from mnemonic - Update AccountXpubsDialog to fetch seed and derive correct BIP84 account xpubs - Derive account-level xpubs (m/84'/coin_type'/account') not child xpubs - Convert to native segwit format (zpub/vpub) using SLIP-0132 - Simplify UI to show single account-level xpub per account - Update translations to reflect account-level xpubs for watch-only import Fixes issue where API returns wrong xpub derivation paths (address-level instead of account-level). Now calculates correct xpubs locally from seed as suggested by maintainer.
|
Thanks for the feedback! You're absolutely right about the API returning incorrect values .I verified this and saw it returns xpubs at the child derivation paths (like m/84'/1'/0'/0 for external addresses) instead of the account-level paths (m/84'/1'/0'). I have already implemented your suggested approach - calculating the values locally from the seed |
|
@kunal-595 This looks nice. Happy to merge this. Is it okay with you if I push a few adjustments before? |
|
Thanks! Yes, that’s totally fine please go ahead with the adjustments. |
|
Thanks @kunal-595! Awesome contribution! Again, thank you - really nice work! 🙏 |
|
Hey @theborakompanioni, Been watching the Slack chat lately and noticed a lot of people panicking about FB visibility when moving to Sparrow. It got me thinking maybe we can expand the QR/Display work to solve this? I am thinking about a 'Recovery Info' modal that pulls the redeemScript and derivation path from jmwalletd. We could show it as a QR so people can just scan it into Sparrow/Electrum. It’s strictly metadata, not keys, so it should be safe and provide some real peace of mind. Also, that blank page bug on Tor mobile is still a thing. I suspect our CSP headers or JS chunking might be the culprit there. I would like to audit that and maybe move to a more conservative build config for the frontend to make it more resilient. Lastly, a small 'Network Settings' UI for directory nodes would be great so people donot have to keep digging into the .cfg files to improve their mix success. Thinking of starting small with the FB export first. Does this align with the next release? Let me know what you think. |
2 participants
fixes #620
This PR implements a power user mode in the settings, allowing advanced users to display account extended public keys (xpubs/zpubs) for each wallet account.
Power User Mode Toggle:
Added "Enable power user mode" switch in Settings (Display section).
"Show account xpubs" menu item is only visible when power user mode is enabled.
How to Test
Run the app and open Settings.
Toggle "Enable power user mode" ON.
"Show account xpubs" menu item appears in Wallet Settings.
Click it, enter your wallet password, and verify xpubs are shown as zpub/vpub.
Test copy buttons and auto-timeout.