SeedDeriver
Derives wallet seed material from the user's passkey via the WebAuthn PRF extension.
Two outputs sit at different levels of the chain:
derivePrfEntropy — raw 32-byte PRF output. Suitable as BIP-39 entropy, an HKDF source, a symmetric key, etc.
deriveBip39Seed — full chain: PRF → 32-byte entropy → 24-word mnemonic → 64-byte BIP-39 PBKDF2 seed. This is what
MidnightSdk.Builder.seed(...)consumes.
The PRF output is identical on every device + every Kuira ecosystem app that shares the RP via assetlinks.json, so the derived seed is identical too — no shared backup blob needed.
SEED_SALT is domain-separated from AppStateBackup.BACKUP_SALT; PRF with two different salts produces two independent secrets from the same passkey credential.
Known limitation: the entropy → seed chain temporarily materializes the 24-word mnemonic as a String. JVM strings are immutable and may be copied/interned by the allocator before GC can reclaim them — same trap as the existing WalletPanelViewModel.ensureSeedReady random-seed path. A direct entropyToSeed path would close this gap; deferred until both consumers can migrate in one pass.
Properties
Functions
One-shot: passkey PRF → BIP-39 entropy → mnemonic → BIP-39 seed.
Authenticate the user's passkey with the seed-derivation salt and return the raw 32-byte PRF output. The output is BIP-39 entropy size — callers can pass it directly to BIP39.entropyToMnemonic.
One-shot derive that returns BOTH the 32-byte BIP-39 entropy and the 64-byte BIP-39 seed from a single PRF authentication.
Deterministic chain from BIP-39 entropy to BIP-39 seed.