All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

• Bump @metamask/keyring-api to ^3.0.0 (#344)

• BREAKING: Unify createNewVaultAndKeychain and createNewVaultAndRestore into new method createNewVaultWithKeyring. createNewVaultWithKeyring accepts a password and a keyring object provided by the client and returns the KeyringControllerState (#329)
• Bump @metamask/utils from 8.2.1 to 8.3.0 (#335)

• BREAKING: Bump @metamask/obs-store from ^8.1.0 to ^9.0.0 (#306)
  • The store and memStore properties now expose streams confirming to readable-stream@^3.6.2
• BREAKING: Replace GenericEncryptor.updateVault with GenericEncryptor.isVaultUpdated (#310))
• Bump @metamask/browser-passworder from ^4.2.0 to ^4.3.0 (#310 #311)

• Prefer cached encryptionKey over password when possible (#307)

• Added optional isVaultUpdated property to GenericEncryptor type (#312)

• Bump @metamask/browser-passworder to ^4.3.0 (#312)

• Removed updateVault optional property from GenericEncryptor type (#312)

• Improved encryption performance when the controller is constructed with cacheEncryptionKey: true (#312)

• BREAKING Removed encryptor class variable (#293)
• BREAKING Removed cacheEncryptionKey class variable (#293)
• BREAKING Changed encryptor constructor option property type to GenericEncryptor | ExportableKeyEncryptor | undefined (#293)
  • When the controller is instantiated with cacheEncryptionKey = true, the encryptor type is restricted to ExportableKeyEncryptor | undefined

• Fix removeAccount to await the account removal in order to account for Snaps keyrings (#280)
• Bump @metamask/eth-simple-keyring from ^6.0.0 to ^6.0.1 (#287)

• BREAKING: Bump @metamask/eth-sig-util from ^6.0.0 to ^7.0.0 (#269)
• BREAKING: Bump @metamask/eth-hd-keyring from ^6.0.0 to ^7.0.1 (#275)
• BREAKING: Bump @metamask/eth-simple-keyring from ^5.0.0 to ^6.0.0 (#273)

• Bump @metamask/utils from ^6.2.0 to ^8.1.0 (#261)

• Added KeyringControllerPersistentState type which includes only persistent state, an optional string property with key vault (#247)
• Added KeyringObject type for how keyrings are represented in memStore (#247)

• BREAKING: Add types for store and fix type discrepancies (#247)
• BREAKING: Constructor parameter KeyringControllerArgs fields changed (#247):
• BREAKING: type of store and memStore public properties changed (#247):
  • KeyringController.store is now an ObservableStore<KeyringControllerPersistentState>
  • KeyringController.memStore is now an ObservableStore<KeyringControllerState>
• BREAKING: updateMemStoreKeyrings method return type changed to Promise<void> (#247)
• BREAKING: KeyringControllerState type changed to include only non-persistent state (#247):
  • Now undefined is used instead of null when encryptionKey and encryptionSalt are unset
  • keyrings is now of type KeyringObject[] instead of Keyring<Json>
  • password, store, memStore have been removed - note that in practice this change only affects types
  • This changes cause the following methods also to change the return type:
    • createNewVaultAndKeychain
    • createNewVaultAndRestore
    • setLocked
    • submitPassword
    • submitEncryptionKey
    • addNewAccount
    • removeAccount
    • fullUpdate
• BREAKING: When constructing a simple keyring with addNewKeyring, the second parameter (opts) is now expected to be an array of private keys rather than an object with a privateKeys property (#253)
• Restored support for keyrings with non-object serialized state (#253)
• Narrow return type of signTypedMessage and encryption methods (#249)
  • The methods signTypedMessage, getEncryptionPublicKey, and decryptMessage now return string rather than Bytes

• Fix signTypedMessage parameter types (#250)
• Restore compatibility with QR Keyring (#252)
  • An empty object is no longer used as a default when deserialized state was not provided to the addNewKeyring method. This default empty object was breaking the QR keyring.

• Improved error handling when calling getKeyringForAccount with empty or invalid address (#238)

• BREAKING: Update @metamask/eth-sig-util to version ^6 (#235)
  • signPersonalMessage now normalizes msgParams.data in a different way for 0 and empty strings inputs. 0 will be normalized to 0x00 and empty strings to 0x
• BREAKING: Update Node.js min version to 16.0.0 (#236)
• Update @metamask/utils package (#234)
• Destroy keyrings on reference drop (#233)

• BREAKING: The addNewKeyring method now expects an object containing the property privateKeys of type string[] in case the supplied keyring is a "Simple Keyring". (#202), (#228)
• Migrate the project to TypeScript (#202)
  • Methods that started with an underscore are now # private methods
  • Additional validation has been added to most methods
• deps: Unpin and bump @metamask/eth-sig-utils@5.0.2->^5.1.0 (#224)

• Save encryption salt when persistAllKeyrings yields a new encryption key (#203)

• BREAKING: Update module name to use @metamask scope (#187)
  • Consumers will now need to import this package as @metamask/eth-keyring-controller
• BREAKING: @metamask/eth-hd-keyring to v6.0.0 (#193)
  • Reverts the serialization format of mnemonics on HDKeyrings from Uint8Arrays back to an untyped array of UTF8 encoded bytes, which was the format prior to v9.0.0 of this package.

• Add support for keyring init method (#163).
  • If a keyring has an init method, it will be called automatically upon construction. It is called with await, so it can be asynchronous.

• BREAKING: Replace constructor option and public property keyringTypes with keyringBuilders (#163).
  • The constructor now takes keyring builder functions rather than classes. Each builder function should return a keyring instance when called, and it must have a type string property set to the keyring type name. See the newly exported keyringBuilderFactory function for an example. The builder functions must be synchronous; use an init method for asynchronous initialization steps.
• BREAKING: KeyringController is now a named export instead of a default export (#163).
• BREAKING: Update @metamask/eth-simple-keyring from v4 to v5 (#171).
  • This keyring type is included as a default. If you are using this keyring API directly, see the @metamask/eth-simple-keyring release notes for details on required changes.
• BREAKING: Replace getKeyringClassForType method with getKeyringBuilderForType (#163).
• BREAKING: Update @metamask/eth-hd-keyring to v5 (#177)
  • This keyring type is included as a default. If you are using this keyring API directly, see the @metamask/eth-hd-keyring release notes for details on required changes.
• BREAKING: Require support for ES2020 (#177, #180)
  • As a result of some dependency updates made in this release, this package now requires ES2020 support. If using this package in an environment that does not support ES2020 completely, consider investigating these two dependency changes and transpiling any packages using ES2020 syntax.
• Update @metamask/eth-sig-util to v5 (#180)
• Update minimum supported version of @metamask/browser-passworder from v4.0.1 to v4.0.2 (#182)
• Remove bip39 dependency (#179)

• Fix support for asynchronous addAccounts HD Keyring method (#176)
  • This method was asynchronous, but was called synchronously. Currently the method does not do anything asynchronous so this should have no functional impact, but this ensures any future errors or asynchronous steps added to that method work correctly in the future.

• Allow deserializing vaults with unrecognized keyrings (#169)
  • When deserializing a vault with an unrecognized keyring, the controller will no longer crash. The unrecognized keyring vault data will be preserved in the vault for future use, but will otherwise be ignored.

• Restore full state return value (#161)
  • Some methods were accidentally changed in v8.0.0 to return nothing, where previously they returned the full KeyringController state.
  • The affected methods were:
    • createNewVaultAndKeychain
    • submitPassword
    • submitEncryptionKey
    • addNewAccount
    • removeAccount
  • They now all return the full state, just as they did in earlier versions.

• Allow login with encryption key rather than password (#152)
  • This is required to support MetaMask extension builds using manifest v3.
  • This is enabled via the option cacheEncryptionKey.
  • The encryption key and salt have been added to the memStore as encryptionKey and encryptionSalt. The salt is used to verify that the key matches the vault being decrypted.
  • If the cacheEncryptionKey option is enabled, the encryption key and salt get cached in the memStore whenever the password is submitted.
  • The encryption key can be submitted with the new method submitEncryptionKey.
  • The unlockKeyrings method now accepts additional parameters for the encryption key and salt, though we don't recommend using this method directly.

• BREAKING: Update minimum Node.js version to v14 (#146)
• BREAKING:: Remove password parameter from persistAllKeyrings and createFirstKeyTree (#154)
  • The password or encryption key must now be set already before these method are called. It is set by createNewVaultAndKeychain, createNewVaultAndRestore, and submitPassword/submitEncryptionKey.
  • This change was made to reduce redundant state changes.

• Fix a typo in the duplicate account import error (#153)

• createNewVaultAndRestore now accepts a seedphrase formatted as an array of numbers (#138)

• Fix breaking change in addNewKeyring function that was accidentally introduced in v7.0.0 (#136)
  • We updated the method such that keyrings were always constructed with constructor arguments, defaulting to an empty object if none were provided. But some keyrings (such as the QR Keyring) relied upon the options being undefined in some cases.

• Add forget Keyring method for some hardware devices (#124)
• Add @lavamoat/allow-scripts (#109)

• BREAKING: Bump eth-hd-keyring to latest version (#132)
  • When calling the addNewKeyring method, an options object can no longer be passed containing a numberOfAccounts property without also including a mnemonic. Not adding any option argument will result in the generation of a new mnemonic and the addition of 1 account derived from that mnemonic to the keyring.
• When calling createNewVaultAndKeychain all keyrings are cleared first thing (#129)
• Validate user imported seedphrase across all bip39 wordlists (#77)