Enter the new keyring interface (#5904)

crypto/keyring: `Keybase` interface gives way to its successor: `Keyring`. `LegacyKeybase` interface is added in order to guarantee limited backward compatibility with the old `Keybase` interface for the sole purpose of migrating keys across the new keyring backends. The package no longer depends on the `github.com/types.Config` singleton. `SupportedAlgos` and `SupportedLedgerAlgos` methods have been removed. The keyring just fails when trying to perform an action with an unsupported algorithm. crypto/ subdirs reorganization: `crypto/keys/hd` was moved to `crypto/hd`, which now groups together all HD wallets related types and utilities. client/input: * Removal of unnecessary `GetCheckPassword`, `PrintPrefixed` functions. * `GetConfirmation`'s signature changed to take in a io.Writer for better integration with `cobra.Command` types. client/context: * In-memory keyring is allocated in the context when `--gen-only` flag is passed in. `GetFromFields` does no longer silently allocate a keyring, it takes one as argument. Co-authored with @jgimeno Co-authored-by: Jonathan Gimeno <jgimeno@gmail.com>
2020-04-08 11:38:28 +02:00 · 2020-04-08 11:38:28 +02:00 · a1feca39c2
parent 7325692550
commit a1feca39c2
57 changed files with 1829 additions and 1473 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -70,19 +70,22 @@ and provided directly the IAVL store.
 * (modules) [\#5572](https://github.com/cosmos/cosmos-sdk/pull/5572) Move account balance logic and APIs from `x/auth` to `x/bank`.
 * (types) [\#5533](https://github.com/cosmos/cosmos-sdk/pull/5533) Refactored `AppModuleBasic` and `AppModuleGenesis`
 to now accept a `codec.JSONMarshaler` for modular serialization of genesis state.
 * (crypto/keyring) [\#5735](https://github.com/cosmos/cosmos-sdk/pull/5735) Keyring's `Update()` function is now no-op.
 * (types/rest) [\#5779](https://github.com/cosmos/cosmos-sdk/pull/5779) Drop unused Parse{Int64OrReturnBadRequest,QueryParamBool}() functions.
 * (keys) [\#5820](https://github.com/cosmos/cosmos-sdk/pull/5820/) Removed method CloseDB from Keybase interface.
 * (baseapp) [\#5837](https://github.com/cosmos/cosmos-sdk/issues/5837) Transaction simulation now returns a `SimulationResponse` which contains the `GasInfo` and
 `Result` from the execution.
-* (crypto/keyring) [\#5866](https://github.com/cosmos/cosmos-sdk/pull/5866) Move `Keyring` and `Keybase` implementations and their associated types from `crypto/keys/` to `crypto/keyring/`.
+* (client/input) [\#5904](https://github.com/cosmos/cosmos-sdk/pull/5904) Removal of unnecessary `GetCheckPassword`, `PrintPrefixed` functions.
 * (crypto) [\#5880](https://github.com/cosmos/cosmos-sdk/pull/5880) Merge `crypto/keys/mintkey` into `crypto`.
 * (crypto/keyring) [\#5858](https://github.com/cosmos/cosmos-sdk/pull/5858) Make Keyring store keys by name and address's hexbytes representation.
 * (crypto/keyring) [\#5889](https://github.com/cosmos/cosmos-sdk/pull/5889) Deprecate old keybase implementation:
  - Remove `Update` from the `Keybase` interface.
  - `NewKeyring()` now accepts a new backend: `MemoryBackend`.
  - `New()` has been renamed to`NewLegacy()`, which now returns a `LegacyKeybase` type that only allows migration of keys from the legacy keybase to a new keyring.
 * (client/keys) [\#5889](https://github.com/cosmos/cosmos-sdk/pull/5889) Rename `NewKeyBaseFromDir()` -> `NewLegacyKeyBaseFromDir()`.
 * (crypto) [\#5880](https://github.com/cosmos/cosmos-sdk/pull/5880) Merge `crypto/keys/mintkey` into `crypto`.
 * (crypto/hd) [\#5904](https://github.com/cosmos/cosmos-sdk/pull/5904) `crypto/keys/hd` moved to `crypto/hd`.
 * (crypto/keyring):
  - [\#5866](https://github.com/cosmos/cosmos-sdk/pull/5866) Rename `crypto/keys/` to `crypto/keyring/`.
  - [\#5904](https://github.com/cosmos/cosmos-sdk/pull/5904) `Keybase` -> `Keyring` interfaces migration. `LegacyKeybase` interface is added in order
 to guarantee limited backward compatibility with the old Keybase interface for the sole purpose of migrating keys across the new keyring backends. `NewLegacy`
 constructor is provided [\#5889](https://github.com/cosmos/cosmos-sdk/pull/5889) to allow for smooth migration of keys from the legacy LevelDB based implementation
 to new keyring backends. Plus, the package and the new keyring no longer depends on the sdk.Config singleton. Please consult the package documentation for more
 information on how to implement the new `Keyring` interface.
  - [\#5858](https://github.com/cosmos/cosmos-sdk/pull/5858) Make Keyring store keys by name and address's hexbytes representation.
 ### Features
@ -92,8 +95,8 @@ to now accept a `codec.JSONMarshaler` for modular serialization of genesis state
 * (types) [\#5741](https://github.com/cosmos/cosmos-sdk/issues/5741) Prevent ChainAnteDecorators() from panicking when empty AnteDecorator slice is supplied.
 * (modules) [\#5569](https://github.com/cosmos/cosmos-sdk/issues/5569) `InitGenesis`, for the relevant modules, now ensures module accounts exist.
-* (crypto/keyring) [\#5844](https://github.com/cosmos/cosmos-sdk/pull/5844) Keybase/Keyring `Sign()` methods no longer decode amino signatures
+* (crypto/keyring) [\#5844](https://github.com/cosmos/cosmos-sdk/pull/5844) `Keyring.Sign()` methods no longer decode amino signatures when method receivers
-when method receivers are offline/multisig keys.
+are offline/multisig keys.
 * (x/auth) [\#5892](https://github.com/cosmos/cosmos-sdk/pull/5892) Add `RegisterKeyTypeCodec` to register new
 types (eg. keys) to the `auth` module internal amino codec.
 * (rest) [\#5906](https://github.com/cosmos/cosmos-sdk/pull/5906) Fix an issue that make some REST calls panic when sending
--- a/client/context/context.go
+++ b/client/context/context.go
@ -25,8 +25,8 @@ type CLIContext struct {
 	Client        rpcclient.Client
 	ChainID       string
 	Marshaler     codec.Marshaler
 	Keybase       keyring.Keybase
 	Input         io.Reader
 	Keyring       keyring.Keyring
 	Output        io.Writer
 	OutputFormat  string
 	Height        int64
@ -58,8 +58,19 @@ func NewCLIContextWithInputAndFrom(input io.Reader, from string) CLIContext {
 	var nodeURI string
 	var rpc rpcclient.Client
 	homedir := viper.GetString(flags.FlagHome)
 	genOnly := viper.GetBool(flags.FlagGenerateOnly)
-	fromAddress, fromName, err := GetFromFields(input, from, genOnly)
+	backend := viper.GetString(flags.FlagKeyringBackend)
 	if len(backend) == 0 {
 		backend = keyring.BackendMemory
 	}
 	keyring, err := newKeyringFromFlags(backend, homedir, input, genOnly)
 	if err != nil {
 		panic(fmt.Errorf("couldn't acquire keyring: %v", err))
 	}
 	fromAddress, fromName, err := GetFromFields(keyring, from, genOnly)
 	if err != nil {
 		fmt.Printf("failed to get from fields: %v\n", err)
 		os.Exit(1)
@ -84,9 +95,10 @@ func NewCLIContextWithInputAndFrom(input io.Reader, from string) CLIContext {
 		Output:        os.Stdout,
 		NodeURI:       nodeURI,
 		From:          viper.GetString(flags.FlagFrom),
 		Keyring:       keyring,
 		OutputFormat:  viper.GetString(cli.OutputFlag),
 		Height:        viper.GetInt64(flags.FlagHeight),
-		HomeDir:       viper.GetString(flags.FlagHome),
+		HomeDir:       homedir,
 		TrustNode:     viper.GetBool(flags.FlagTrustNode),
 		UseLedger:     viper.GetBool(flags.FlagUseLedger),
 		BroadcastMode: viper.GetString(flags.FlagBroadcastMode),
@ -129,6 +141,12 @@ func NewCLIContextWithInput(input io.Reader) CLIContext {
 	return NewCLIContextWithInputAndFrom(input, viper.GetString(flags.FlagFrom))
 }
 // WithKeyring returns a copy of the context with an updated keyring.
 func (ctx CLIContext) WithKeyring(k keyring.Keyring) CLIContext {
 	ctx.Keyring = k
 	return ctx
 }
 // WithInput returns a copy of the context with an updated input.
 func (ctx CLIContext) WithInput(r io.Reader) CLIContext {
 	ctx.Input = r
@ -307,7 +325,7 @@ func (ctx CLIContext) PrintOutput(toPrint interface{}) error {
 // GetFromFields returns a from account address and Keybase name given either
 // an address or key name. If genOnly is true, only a valid Bech32 cosmos
 // address is returned.
-func GetFromFields(input io.Reader, from string, genOnly bool) (sdk.AccAddress, string, error) {
+func GetFromFields(kr keyring.Keyring, from string, genOnly bool) (sdk.AccAddress, string, error) {
 	if from == "" {
 		return nil, "", nil
 	}
@ -321,20 +339,14 @@ func GetFromFields(input io.Reader, from string, genOnly bool) (sdk.AccAddress,
 		return addr, "", nil
 	}
 	keybase, err := keyring.NewKeyring(sdk.KeyringServiceName(),
 		viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), input)
 	if err != nil {
 		return nil, "", err
 	}
 	var info keyring.Info
 	if addr, err := sdk.AccAddressFromBech32(from); err == nil {
-		info, err = keybase.GetByAddress(addr)
+		info, err = kr.KeyByAddress(addr)
 		if err != nil {
 			return nil, "", err
 		}
 	} else {
-		info, err = keybase.Get(from)
+		info, err = kr.Key(from)
 		if err != nil {
 			return nil, "", err
 		}
@ -342,3 +354,10 @@ func GetFromFields(input io.Reader, from string, genOnly bool) (sdk.AccAddress,
 	return info.GetAddress(), info.GetName(), nil
 }
 func newKeyringFromFlags(backend, homedir string, input io.Reader, genOnly bool) (keyring.Keyring, error) {
 	if genOnly {
 		return keyring.New(sdk.KeyringServiceName(), keyring.BackendMemory, homedir, input)
 	}
 	return keyring.New(sdk.KeyringServiceName(), backend, homedir, input)
 }
--- a/client/context/context_test.go
+++ b/client/context/context_test.go
@ -1,13 +1,16 @@
-package context
+package context_test
 import (
 	"os"
 	"testing"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/require"
 	"github.com/cosmos/cosmos-sdk/client/context"
 	"github.com/cosmos/cosmos-sdk/client/flags"
 )
@ -15,7 +18,7 @@ func TestCLIContext_WithOffline(t *testing.T) {
 	viper.Set(flags.FlagOffline, true)
 	viper.Set(flags.FlagNode, "tcp://localhost:26657")
-	ctx := NewCLIContext()
+	ctx := context.NewCLIContext()
 	require.True(t, ctx.Offline)
 	require.Nil(t, ctx.Client)
@ -24,7 +27,7 @@ func TestCLIContext_WithOffline(t *testing.T) {
 	viper.Set(flags.FlagOffline, false)
 	viper.Set(flags.FlagNode, "tcp://localhost:26657")
-	ctx = NewCLIContext()
+	ctx = context.NewCLIContext()
 	require.False(t, ctx.Offline)
 	require.NotNil(t, ctx.Client)
 }
@ -59,10 +62,26 @@ func TestCLIContext_WithGenOnly(t *testing.T) {
 	for _, tt := range tests {
 		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
-			ctx := NewCLIContextWithFrom(tt.from)
+			ctx := context.NewCLIContextWithFrom(tt.from)
 			require.Equal(t, tt.expectedFromAddr, ctx.FromAddress)
 			require.Equal(t, tt.expectedFromName, ctx.FromName)
 		})
 	}
 }
 func TestCLIContext_WithKeyring(t *testing.T) {
 	viper.Set(flags.FlagGenerateOnly, true)
 	ctx := context.NewCLIContextWithFrom("cosmos1q7380u26f7ntke3facjmynajs4umlr329vr4ja")
 	require.NotNil(t, ctx.Keyring)
 	kr := ctx.Keyring
 	ctx = ctx.WithKeyring(nil)
 	require.Nil(t, ctx.Keyring)
 	ctx = ctx.WithKeyring(kr)
 	require.Equal(t, kr, ctx.Keyring)
 }
 func TestMain(m *testing.M) {
 	viper.Set(flags.FlagKeyringBackend, keyring.BackendMemory)
 	os.Exit(m.Run())
 }
--- a/client/input/input.go
+++ b/client/input/input.go
@ -2,8 +2,8 @@ package input
 import (
 	"bufio"
 	"errors"
 	"fmt"
 	"io"
 	"os"
 	"strings"
@ -36,40 +36,15 @@ func GetPassword(prompt string, buf *bufio.Reader) (pass string, err error) {
 	return pass, nil
 }
 // GetCheckPassword will prompt for a password twice to verify they
 // match (for creating a new password).
 // It enforces the password length. Only parses password once if
 // input is piped in.
 func GetCheckPassword(prompt, prompt2 string, buf *bufio.Reader) (string, error) {
 	// simple read on no-tty
 	if !inputIsTty() {
 		return GetPassword(prompt, buf)
 	}
 	// TODO: own function???
 	pass, err := GetPassword(prompt, buf)
 	if err != nil {
 		return "", err
 	}
 	pass2, err := GetPassword(prompt2, buf)
 	if err != nil {
 		return "", err
 	}
 	if pass != pass2 {
 		return "", errors.New("passphrases don't match")
 	}
 	return pass, nil
 }
 // GetConfirmation will request user give the confirmation from stdin.
 // "y", "Y", "yes", "YES", and "Yes" all count as confirmations.
 // If the input is not recognized, it returns false and a nil error.
-func GetConfirmation(prompt string, buf *bufio.Reader) (bool, error) {
+func GetConfirmation(prompt string, r *bufio.Reader, w io.Writer) (bool, error) {
 	if inputIsTty() {
 		fmt.Printf("%s [y/N]: ", prompt)
 	}
-	response, err := readLineFromBuf(buf)
+	response, err := readLineFromBuf(r)
 	if err != nil {
 		return false, err
 	}
@ -90,7 +65,7 @@ func GetConfirmation(prompt string, buf *bufio.Reader) (bool, error) {
 // GetString simply returns the trimmed string output of a given reader.
 func GetString(prompt string, buf *bufio.Reader) (string, error) {
 	if inputIsTty() && prompt != "" {
-		PrintPrefixed(prompt)
+		fmt.Fprintf(os.Stderr, "> %s\n", prompt)
 	}
 	out, err := readLineFromBuf(buf)
@ -117,9 +92,3 @@ func readLineFromBuf(buf *bufio.Reader) (string, error) {
 	}
 	return strings.TrimSpace(pass), nil
 }
 // PrintPrefixed prints a string with > prefixed for use in prompts.
 func PrintPrefixed(msg string) {
 	msg = fmt.Sprintf("> %s\n", msg)
 	fmt.Fprint(os.Stderr, msg)
 }
--- a/client/keys/add.go
+++ b/client/keys/add.go
@ -12,6 +12,7 @@ import (
 	"github.com/cosmos/cosmos-sdk/client/flags"
 	"github.com/cosmos/cosmos-sdk/client/input"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	sdk "github.com/cosmos/cosmos-sdk/types"
@ -27,6 +28,7 @@ const (
 	flagInteractive = "interactive"
 	flagRecover     = "recover"
 	flagNoBackup    = "no-backup"
 	flagCoinType    = "coin-type"
 	flagAccount     = "account"
 	flagIndex       = "index"
 	flagMultisig    = "multisig"
@ -73,19 +75,20 @@ the flag --nosort is set.
 	cmd.Flags().Bool(flagNoBackup, false, "Don't print out seed phrase (if others are watching the terminal)")
 	cmd.Flags().Bool(flags.FlagDryRun, false, "Perform action, but don't add key to local keystore")
 	cmd.Flags().String(flagHDPath, "", "Manual HD Path derivation (overrides BIP44 config)")
 	cmd.Flags().Uint32(flagCoinType, sdk.CoinType, "coin type number for HD derivation")
 	cmd.Flags().Uint32(flagAccount, 0, "Account number for HD derivation")
 	cmd.Flags().Uint32(flagIndex, 0, "Address index number for HD derivation")
 	cmd.Flags().Bool(flags.FlagIndentResponse, false, "Add indent to JSON response")
-	cmd.Flags().String(flagKeyAlgo, string(keyring.Secp256k1), "Key signing algorithm to generate keys for")
+	cmd.Flags().String(flagKeyAlgo, string(hd.Secp256k1Type), "Key signing algorithm to generate keys for")
 	return cmd
 }
-func getKeybase(transient bool, buf io.Reader) (keyring.Keybase, error) {
+func getKeybase(transient bool, buf io.Reader) (keyring.Keyring, error) {
 	if transient {
-		return keyring.NewKeyring(sdk.KeyringServiceName(), keyring.BackendMemory, viper.GetString(flags.FlagHome), buf)
+		return keyring.New(sdk.KeyringServiceName(), keyring.BackendMemory, viper.GetString(flags.FlagHome), buf)
 	}
-	return keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), buf)
+	return keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), buf)
 }
 func runAddCmd(cmd *cobra.Command, args []string) error {
@ -107,7 +110,7 @@ input
 output
 	- armor encrypted private key (saved to file)
 */
-func RunAddCmd(cmd *cobra.Command, args []string, kb keyring.Keybase, inBuf *bufio.Reader) error {
+func RunAddCmd(cmd *cobra.Command, args []string, kb keyring.Keyring, inBuf *bufio.Reader) error {
 	var err error
 	name := args[0]
@ -115,25 +118,27 @@ func RunAddCmd(cmd *cobra.Command, args []string, kb keyring.Keybase, inBuf *buf
 	interactive := viper.GetBool(flagInteractive)
 	showMnemonic := !viper.GetBool(flagNoBackup)
-	algo := keyring.SigningAlgo(viper.GetString(flagKeyAlgo))
+	algo, err := keyring.NewSigningAlgoFromString(viper.GetString(flagKeyAlgo))
-	if algo == keyring.SigningAlgo("") {
+	if err != nil {
-		algo = keyring.Secp256k1
+		algo = hd.Secp256k1
 	}
 	if !keyring.IsSupportedAlgorithm(kb.SupportedAlgos(), algo) {
 		return keyring.ErrUnsupportedSigningAlgo
 	}
 	if !viper.GetBool(flags.FlagDryRun) {
-		_, err = kb.Get(name)
+		_, err = kb.Key(name)
 		if err == nil {
 			// account exists, ask for user confirmation
-			response, err2 := input.GetConfirmation(fmt.Sprintf("override the existing name %s", name), inBuf)
+			response, err2 := input.GetConfirmation(fmt.Sprintf("override the existing name %s", name), inBuf, cmd.ErrOrStderr())
 			if err2 != nil {
 				return err2
 			}
 			if !response {
 				return errors.New("aborted")
 			}
 			err2 = kb.Delete(name)
 			if err2 != nil {
 				return err2
 			}
 		}
 		multisigKeys := viper.GetStringSlice(flagMultisig)
@ -146,7 +151,7 @@ func RunAddCmd(cmd *cobra.Command, args []string, kb keyring.Keybase, inBuf *buf
 			}
 			for _, keyname := range multisigKeys {
-				k, err := kb.Get(keyname)
+				k, err := kb.Key(keyname)
 				if err != nil {
 					return err
 				}
@ -161,7 +166,7 @@ func RunAddCmd(cmd *cobra.Command, args []string, kb keyring.Keybase, inBuf *buf
 			}
 			pk := multisig.NewPubKeyMultisigThreshold(multisigThreshold, pks)
-			if _, err := kb.CreateMulti(name, pk); err != nil {
+			if _, err := kb.SaveMultisig(name, pk); err != nil {
 				return err
 			}
@ -175,13 +180,14 @@ func RunAddCmd(cmd *cobra.Command, args []string, kb keyring.Keybase, inBuf *buf
 		if err != nil {
 			return err
 		}
-		_, err = kb.CreateOffline(name, pk, algo)
+		_, err = kb.SavePubKey(name, pk, algo.Name())
 		if err != nil {
 			return err
 		}
 		return nil
 	}
 	coinType := uint32(viper.GetInt(flagCoinType))
 	account := uint32(viper.GetInt(flagAccount))
 	index := uint32(viper.GetInt(flagIndex))
@ -189,7 +195,7 @@ func RunAddCmd(cmd *cobra.Command, args []string, kb keyring.Keybase, inBuf *buf
 	var hdPath string
 	if useBIP44 {
-		hdPath = keyring.CreateHDPath(account, index).String()
+		hdPath = hd.CreateHDPath(coinType, account, index).String()
 	} else {
 		hdPath = viper.GetString(flagHDPath)
 	}
@ -201,12 +207,8 @@ func RunAddCmd(cmd *cobra.Command, args []string, kb keyring.Keybase, inBuf *buf
 			return errors.New("cannot set custom bip32 path with ledger")
 		}
 		if !keyring.IsSupportedAlgorithm(kb.SupportedAlgosLedger(), algo) {
 			return keyring.ErrUnsupportedSigningAlgo
 		}
 		bech32PrefixAccAddr := sdk.GetConfig().GetBech32AccountAddrPrefix()
-		info, err := kb.CreateLedger(name, keyring.Secp256k1, bech32PrefixAccAddr, account, index)
+		info, err := kb.SaveLedgerKey(name, hd.Secp256k1, bech32PrefixAccAddr, coinType, account, index)
 		if err != nil {
 			return err
 		}
@ -269,7 +271,7 @@ func RunAddCmd(cmd *cobra.Command, args []string, kb keyring.Keybase, inBuf *buf
 		}
 	}
-	info, err := kb.CreateAccount(name, mnemonic, bip39Passphrase, DefaultKeyPass, hdPath, algo)
+	info, err := kb.NewAccount(name, mnemonic, bip39Passphrase, hdPath, algo)
 	if err != nil {
 		return err
 	}
--- a/client/keys/add_ledger_test.go
+++ b/client/keys/add_ledger_test.go
@ -41,6 +41,9 @@ func Test_runAddCmdLedgerWithCustomCoinType(t *testing.T) {
 	t.Cleanup(kbCleanUp)
 	viper.Set(flags.FlagHome, kbHome)
 	viper.Set(flags.FlagUseLedger, true)
 	viper.Set(flagAccount, "0")
 	viper.Set(flagIndex, "0")
 	viper.Set(flagCoinType, "330")
 	/// Test Text
 	viper.Set(cli.OutputFlag, OutputFormatText)
@ -50,14 +53,14 @@ func Test_runAddCmdLedgerWithCustomCoinType(t *testing.T) {
 	require.NoError(t, runAddCmd(cmd, []string{"keyname1"}))
 	// Now check that it has been stored properly
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), mockIn)
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), kbHome, mockIn)
 	require.NoError(t, err)
 	require.NotNil(t, kb)
 	t.Cleanup(func() {
-		kb.Delete("keyname1", "", false)
+		kb.Delete("keyname1")
 	})
 	mockIn.Reset("test1234\n")
-	key1, err := kb.Get("keyname1")
+	key1, err := kb.Key("keyname1")
 	require.NoError(t, err)
 	require.NotNil(t, key1)
@ -90,17 +93,18 @@ func Test_runAddCmdLedger(t *testing.T) {
 	viper.Set(cli.OutputFlag, OutputFormatText)
 	// Now enter password
 	mockIn.Reset("test1234\ntest1234\n")
 	viper.Set(flagCoinType, sdk.CoinType)
 	require.NoError(t, runAddCmd(cmd, []string{"keyname1"}))
 	// Now check that it has been stored properly
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), kbHome, mockIn)
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), kbHome, mockIn)
 	require.NoError(t, err)
 	require.NotNil(t, kb)
 	t.Cleanup(func() {
-		kb.Delete("keyname1", "", false)
+		kb.Delete("keyname1")
 	})
 	mockIn.Reset("test1234\n")
-	key1, err := kb.Get("keyname1")
+	key1, err := kb.Key("keyname1")
 	require.NoError(t, err)
 	require.NotNil(t, key1)
--- a/client/keys/add_test.go
+++ b/client/keys/add_test.go
@ -4,7 +4,6 @@ import (
 	"testing"
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/tendermint/tendermint/libs/cli"
@ -17,36 +16,37 @@ import (
 func Test_runAddCmdBasic(t *testing.T) {
 	cmd := AddKeyCommand()
-	assert.NotNil(t, cmd)
+	require.NotNil(t, cmd)
 	mockIn, _, _ := tests.ApplyMockIO(cmd)
 	kbHome, kbCleanUp := tests.NewTestCaseDir(t)
-	assert.NotNil(t, kbHome)
+	require.NotNil(t, kbHome)
 	t.Cleanup(kbCleanUp)
 	viper.Set(flags.FlagHome, kbHome)
 	viper.Set(cli.OutputFlag, OutputFormatText)
 	viper.Set(flags.FlagUseLedger, false)
 	mockIn.Reset("y\n")
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), kbHome, mockIn)
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), kbHome, mockIn)
 	require.NoError(t, err)
 	t.Cleanup(func() {
-		kb.Delete("keyname1", "", false) // nolint:errcheck
+		kb.Delete("keyname1") // nolint:errcheck
-		kb.Delete("keyname2", "", false) // nolint:errcheck
+		kb.Delete("keyname2") // nolint:errcheck
 	})
-	assert.NoError(t, runAddCmd(cmd, []string{"keyname1"}))
+	require.NoError(t, runAddCmd(cmd, []string{"keyname1"}))
 	mockIn.Reset("N\n")
-	assert.Error(t, runAddCmd(cmd, []string{"keyname1"}))
+	require.Error(t, runAddCmd(cmd, []string{"keyname1"}))
-	assert.NoError(t, runAddCmd(cmd, []string{"keyname2"}))
+	require.NoError(t, runAddCmd(cmd, []string{"keyname2"}))
-	assert.Error(t, runAddCmd(cmd, []string{"keyname2"}))
+	require.Error(t, runAddCmd(cmd, []string{"keyname2"}))
 	mockIn.Reset("y\n")
-	assert.NoError(t, runAddCmd(cmd, []string{"keyname2"}))
+	require.NoError(t, runAddCmd(cmd, []string{"keyname2"}))
 	// test --dry-run
-	assert.NoError(t, runAddCmd(cmd, []string{"keyname4"}))
+	require.NoError(t, runAddCmd(cmd, []string{"keyname4"}))
-	assert.Error(t, runAddCmd(cmd, []string{"keyname4"}))
+	require.Error(t, runAddCmd(cmd, []string{"keyname4"}))
 	viper.Set(flags.FlagDryRun, true)
-	assert.NoError(t, runAddCmd(cmd, []string{"keyname4"}))
+	require.NoError(t, runAddCmd(cmd, []string{"keyname4"}))
 }
--- a/client/keys/codec_test.go
+++ b/client/keys/codec_test.go
@ -1,12 +1,12 @@
-package keys
+package keys_test
 import (
-	"fmt"
+	"bytes"
 	"reflect"
 	"testing"
 	"github.com/stretchr/testify/require"
 	"github.com/cosmos/cosmos-sdk/client/keys"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 )
@ -58,15 +58,9 @@ func TestMarshalJSON(t *testing.T) {
 	for _, tt := range tests {
 		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
-			got, err := MarshalJSON(tt.args.o)
+			got, err := keys.MarshalJSON(tt.args.o)
-			if (err != nil) != tt.wantErr {
+			require.Equal(t, tt.wantErr, err != nil)
-				t.Errorf("MarshalJSON() error = %v, wantErr %v", err, tt.wantErr)
+			require.True(t, bytes.Equal(got, tt.want))
 				return
 			}
 			fmt.Printf("%s\n", got)
 			if !reflect.DeepEqual(got, tt.want) {
 				t.Errorf("MarshalJSON() = %v, want %v", got, tt.want)
 			}
 		})
 	}
 }
@ -94,10 +88,8 @@ func TestUnmarshalJSON(t *testing.T) {
 	for idx, tt := range tests {
 		idx, tt := idx, tt
 		t.Run(tt.name, func(t *testing.T) {
-			if err := UnmarshalJSON(tt.args.bz, tt.args.ptr); (err != nil) != tt.wantErr {
+			err := keys.UnmarshalJSON(tt.args.bz, tt.args.ptr)
-				t.Errorf("unmarshalJSON() error = %v, wantErr %v", err, tt.wantErr)
+			require.Equal(t, tt.wantErr, err != nil)
 			}
 			// Confirm deserialized objects are the same
 			require.Equal(t, data.Keys[idx], data.Answers[idx])
 		})
--- a/client/keys/delete.go
+++ b/client/keys/delete.go
@ -2,7 +2,6 @@ package keys
 import (
 	"bufio"
 	"errors"
 	"github.com/cosmos/cosmos-sdk/client/flags"
 	"github.com/cosmos/cosmos-sdk/client/input"
@ -43,49 +42,36 @@ private keys stored in a ledger device cannot be deleted with the CLI.
 func runDeleteCmd(cmd *cobra.Command, args []string) error {
 	buf := bufio.NewReader(cmd.InOrStdin())
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), buf)
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), buf)
 	if err != nil {
 		return err
 	}
 	for _, name := range args {
-		info, err := kb.Get(name)
+		info, err := kb.Key(name)
 		if err != nil {
 			return err
 		}
-		if info.GetType() == keyring.TypeLedger || info.GetType() == keyring.TypeOffline {
+		// confirm deletion, unless -y is passed
-			// confirm deletion, unless -y is passed
+		if !viper.GetBool(flagYes) {
-			if !viper.GetBool(flagYes) {
+			if yes, err := input.GetConfirmation("Key reference will be deleted. Continue?", buf, cmd.ErrOrStderr()); err != nil {
 				if err := confirmDeletion(buf); err != nil {
 					return err
 				}
 			}
 			if err := kb.Delete(name, "", true); err != nil {
 				return err
 			} else if !yes {
 				continue
 			}
 			cmd.PrintErrln("Public key reference deleted")
 			return nil
 		}
-		// old password and skip flag arguments are ignored
+		if err := kb.Delete(name); err != nil {
 		if err := kb.Delete(name, "", true); err != nil {
 			return err
 		}
 		if info.GetType() == keyring.TypeLedger || info.GetType() == keyring.TypeOffline {
 			cmd.PrintErrln("Public key reference deleted")
 			continue
 		}
 		cmd.PrintErrln("Key deleted forever (uh oh!)")
 	}
 	return nil
 }
 func confirmDeletion(buf *bufio.Reader) error {
 	answer, err := input.GetConfirmation("Key reference will be deleted. Continue?", buf)
 	if err != nil {
 		return err
 	}
 	if !answer {
 		return errors.New("aborted")
 	}
 	return nil
 }
--- a/client/keys/delete_test.go
+++ b/client/keys/delete_test.go
@ -1,13 +1,13 @@
 package keys
 import (
 	"bufio"
 	"strings"
 	"testing"
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/require"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/client/flags"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	"github.com/cosmos/cosmos-sdk/tests"
@ -20,30 +20,25 @@ func Test_runDeleteCmd(t *testing.T) {
 	yesF, _ := deleteKeyCommand.Flags().GetBool(flagYes)
 	forceF, _ := deleteKeyCommand.Flags().GetBool(flagForce)
 	require.False(t, yesF)
 	require.False(t, forceF)
 	fakeKeyName1 := "runDeleteCmd_Key1"
 	fakeKeyName2 := "runDeleteCmd_Key2"
 	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), mockIn)
 	require.NoError(t, err)
 	t.Cleanup(func() {
 		kb.Delete("runDeleteCmd_Key1", "", false) // nolint:errcheck
 		kb.Delete("runDeleteCmd_Key2", "", false) // nolint:errcheck
 	})
 	// Now add a temporary keybase
 	kbHome, cleanUp := tests.NewTestCaseDir(t)
 	t.Cleanup(cleanUp)
 	viper.Set(flags.FlagHome, kbHome)
 	// Now
-	kb, err = keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), kbHome, mockIn)
+	path := sdk.GetConfig().GetFullFundraiserPath()
 	backend := viper.GetString(flags.FlagKeyringBackend)
 	kb, err := keyring.New(sdk.KeyringServiceName(), backend, kbHome, mockIn)
 	require.NoError(t, err)
-	_, err = kb.CreateAccount(fakeKeyName1, tests.TestMnemonic, "", "", "0", keyring.Secp256k1)
+	_, err = kb.NewAccount(fakeKeyName1, tests.TestMnemonic, "", path, hd.Secp256k1)
 	require.NoError(t, err)
-
+	_, _, err = kb.NewMnemonic(fakeKeyName2, keyring.English, sdk.FullFundraiserPath, hd.Secp256k1)
 	_, err = kb.CreateAccount(fakeKeyName2, tests.TestMnemonic, "", "", "1", keyring.Secp256k1)
 	require.NoError(t, err)
 	err = runDeleteCmd(deleteKeyCommand, []string{"blah"})
@ -55,53 +50,21 @@ func Test_runDeleteCmd(t *testing.T) {
 	require.Error(t, err)
 	require.Equal(t, "EOF", err.Error())
-	{
+	_, err = kb.Key(fakeKeyName1)
-		_, err = kb.Get(fakeKeyName1)
+	require.NoError(t, err)
 		require.NoError(t, err)
-		// Now there is a confirmation
+	// Now there is a confirmation
-		viper.Set(flagYes, true)
+	viper.Set(flagYes, true)
-		require.NoError(t, runDeleteCmd(deleteKeyCommand, []string{fakeKeyName1}))
+	require.NoError(t, runDeleteCmd(deleteKeyCommand, []string{fakeKeyName1}))
-		_, err = kb.Get(fakeKeyName1)
+	_, err = kb.Key(fakeKeyName1)
-		require.Error(t, err) // Key1 is gone
+	require.Error(t, err) // Key1 is gone
 	}
 	viper.Set(flagYes, true)
-	_, err = kb.Get(fakeKeyName2)
+	_, err = kb.Key(fakeKeyName2)
 	require.NoError(t, err)
 	err = runDeleteCmd(deleteKeyCommand, []string{fakeKeyName2})
 	require.NoError(t, err)
-	_, err = kb.Get(fakeKeyName2)
+	_, err = kb.Key(fakeKeyName2)
 	require.Error(t, err) // Key2 is gone
 }
 func Test_confirmDeletion(t *testing.T) {
 	type args struct {
 		buf *bufio.Reader
 	}
 	answerYes := bufio.NewReader(strings.NewReader("y\n"))
 	answerYes2 := bufio.NewReader(strings.NewReader("Y\n"))
 	answerNo := bufio.NewReader(strings.NewReader("n\n"))
 	answerInvalid := bufio.NewReader(strings.NewReader("245\n"))
 	tests := []struct {
 		name    string
 		args    args
 		wantErr bool
 	}{
 		{"Y", args{answerYes}, false},
 		{"y", args{answerYes2}, false},
 		{"N", args{answerNo}, true},
 		{"BAD", args{answerInvalid}, true},
 	}
 	for _, tt := range tests {
 		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
 			if err := confirmDeletion(tt.args.buf); (err != nil) != tt.wantErr {
 				t.Errorf("confirmDeletion() error = %v, wantErr %v", err, tt.wantErr)
 			}
 		})
 	}
 }
--- a/client/keys/export.go
+++ b/client/keys/export.go
@ -25,21 +25,17 @@ func ExportKeyCommand() *cobra.Command {
 func runExportCmd(cmd *cobra.Command, args []string) error {
 	buf := bufio.NewReader(cmd.InOrStdin())
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), buf)
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), buf)
 	if err != nil {
 		return err
 	}
 	decryptPassword, err := input.GetPassword("Enter passphrase to decrypt your key:", buf)
 	if err != nil {
 		return err
 	}
 	encryptPassword, err := input.GetPassword("Enter passphrase to encrypt the exported key:", buf)
 	if err != nil {
 		return err
 	}
-	armored, err := kb.ExportPrivKey(args[0], decryptPassword, encryptPassword)
+	armored, err := kb.ExportPrivKeyArmor(args[0], encryptPassword)
 	if err != nil {
 		return err
 	}
--- a/client/keys/export_test.go
+++ b/client/keys/export_test.go
@ -6,6 +6,8 @@ import (
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/require"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/client/flags"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	"github.com/cosmos/cosmos-sdk/tests"
@ -22,13 +24,14 @@ func Test_runExportCmd(t *testing.T) {
 	viper.Set(flags.FlagHome, kbHome)
 	// create a key
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), mockIn)
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), kbHome, mockIn)
 	require.NoError(t, err)
 	t.Cleanup(func() {
-		kb.Delete("keyname1", "", false) // nolint:errcheck
+		kb.Delete("keyname1") // nolint:errcheck
 	})
-	_, err = kb.CreateAccount("keyname1", tests.TestMnemonic, "", "123456789", "", keyring.Secp256k1)
+	path := sdk.GetConfig().GetFullFundraiserPath()
 	_, err = kb.NewAccount("keyname1", tests.TestMnemonic, "", path, hd.Secp256k1)
 	require.NoError(t, err)
 	// Now enter password
--- a/client/keys/import.go
+++ b/client/keys/import.go
@ -26,7 +26,7 @@ func ImportKeyCommand() *cobra.Command {
 func runImportCmd(cmd *cobra.Command, args []string) error {
 	buf := bufio.NewReader(cmd.InOrStdin())
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), buf)
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), buf)
 	if err != nil {
 		return err
 	}
--- a/client/keys/import_test.go
+++ b/client/keys/import_test.go
@ -23,10 +23,10 @@ func Test_runImportCmd(t *testing.T) {
 	t.Cleanup(cleanUp)
 	viper.Set(flags.FlagHome, kbHome)
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), mockIn)
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), kbHome, mockIn)
 	require.NoError(t, err)
 	t.Cleanup(func() {
-		kb.Delete("keyname1", "", false) // nolint:errcheck
+		kb.Delete("keyname1") // nolint:errcheck
 	})
 	keyfile := filepath.Join(kbHome, "key.asc")
--- a/client/keys/list.go
+++ b/client/keys/list.go
@ -26,7 +26,7 @@ along with their associated name and address.`,
 }
 func runListCmd(cmd *cobra.Command, _ []string) error {
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), cmd.InOrStdin())
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), cmd.InOrStdin())
 	if err != nil {
 		return err
 	}
--- a/client/keys/list_test.go
+++ b/client/keys/list_test.go
@ -7,6 +7,8 @@ import (
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/require"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/client/flags"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	"github.com/cosmos/cosmos-sdk/tests"
@ -31,14 +33,15 @@ func Test_runListCmd(t *testing.T) {
 	viper.Set(flags.FlagHome, kbHome2)
 	mockIn, _, _ := tests.ApplyMockIO(cmdBasic)
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), mockIn)
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), mockIn)
 	require.NoError(t, err)
-	_, err = kb.CreateAccount("something", tests.TestMnemonic, "", "", "", keyring.Secp256k1)
+	path := "" //sdk.GetConfig().GetFullFundraiserPath()
 	_, err = kb.NewAccount("something", tests.TestMnemonic, "", path, hd.Secp256k1)
 	require.NoError(t, err)
 	t.Cleanup(func() {
-		kb.Delete("something", "", false) // nolint:errcheck
+		kb.Delete("something") // nolint:errcheck
 	})
 	testData := []struct {
--- a/client/keys/migrate.go
+++ b/client/keys/migrate.go
@ -60,21 +60,21 @@ func runMigrateCmd(cmd *cobra.Command, args []string) error {
 	keyringServiceName := sdk.KeyringServiceName()
 	var (
-		tmpDir  string
+		tmpDir   string
-		keybase keyring.Keybase
+		migrator keyring.InfoImporter
 	)
 	if viper.GetBool(flags.FlagDryRun) {
-		tmpDir, err = ioutil.TempDir("", "keybase-migrate-dryrun")
+		tmpDir, err = ioutil.TempDir("", "migrator-migrate-dryrun")
 		if err != nil {
 			return errors.Wrap(err, "failed to create temporary directory for dryrun migration")
 		}
 		defer os.RemoveAll(tmpDir)
-		keybase, err = keyring.NewKeyring(keyringServiceName, "test", tmpDir, buf)
+		migrator, err = keyring.NewInfoImporter(keyringServiceName, "test", tmpDir, buf)
 	} else {
-		keybase, err = keyring.NewKeyring(keyringServiceName, viper.GetString(flags.FlagKeyringBackend), rootDir, buf)
+		migrator, err = keyring.NewInfoImporter(keyringServiceName, viper.GetString(flags.FlagKeyringBackend), rootDir, buf)
 	}
 	if err != nil {
 		return errors.Wrap(err, fmt.Sprintf(
@ -92,16 +92,10 @@ func runMigrateCmd(cmd *cobra.Command, args []string) error {
 		keyName := key.GetName()
 		keyType := key.GetType()
 		// skip key if already migrated
 		if _, err := keybase.Get(keyName); err == nil {
 			cmd.PrintErrf("Key '%s (%s)' already exists; skipping ...\n", key.GetName(), keyType)
 			continue
 		}
 		cmd.PrintErrf("Migrating key: '%s (%s)' ...\n", key.GetName(), keyType)
 		// allow user to skip migrating specific keys
-		ok, err := input.GetConfirmation("Skip key migration?", buf)
+		ok, err := input.GetConfirmation("Skip key migration?", buf, cmd.ErrOrStderr())
 		if err != nil {
 			return err
 		}
@ -110,7 +104,7 @@ func runMigrateCmd(cmd *cobra.Command, args []string) error {
 		}
 		if keyType != keyring.TypeLocal {
-			if err := keybase.Import(keyName, legKeyInfo); err != nil {
+			if err := migrator.Import(keyName, legKeyInfo); err != nil {
 				return err
 			}
@ -130,7 +124,7 @@ func runMigrateCmd(cmd *cobra.Command, args []string) error {
 			return err
 		}
-		if err := keybase.ImportPrivKey(keyName, armoredPriv, migratePassphrase); err != nil {
+		if err := migrator.Import(keyName, armoredPriv); err != nil {
 			return err
 		}
 	}
--- a/client/keys/migrate_test.go
+++ b/client/keys/migrate_test.go
@ -3,6 +3,8 @@ package keys
 import (
 	"testing"
 	"github.com/otiai10/copy"
 	"github.com/cosmos/cosmos-sdk/client/flags"
 	"github.com/cosmos/cosmos-sdk/tests"
@ -18,18 +20,18 @@ func Test_runMigrateCmd(t *testing.T) {
 	mockIn, _, _ := tests.ApplyMockIO(cmd)
 	kbHome, kbCleanUp := tests.NewTestCaseDir(t)
 	copy.Copy("testdata", kbHome)
 	assert.NotNil(t, kbHome)
 	t.Cleanup(kbCleanUp)
 	viper.Set(flags.FlagHome, kbHome)
 	viper.Set(cli.OutputFlag, OutputFormatText)
 	mockIn.Reset("test1234\ntest1234\n")
 	assert.NoError(t, runAddCmd(cmd, []string{"keyname1"}))
 	viper.Set(flags.FlagDryRun, true)
 	cmd = MigrateCommand()
 	mockIn, _, _ = tests.ApplyMockIO(cmd)
-	mockIn.Reset("test1234\n")
+	mockIn.Reset("test1234\ntest1234\n")
 	assert.NoError(t, runMigrateCmd(cmd, []string{}))
 }
--- a/client/keys/mnemonic.go
+++ b/client/keys/mnemonic.go
@ -46,7 +46,7 @@ func runMnemonicCmd(cmd *cobra.Command, args []string) error {
 		if len(inputEntropy) < 43 {
 			return fmt.Errorf("256-bits is 43 characters in Base-64, and 100 in Base-6. You entered %v, and probably want more", len(inputEntropy))
 		}
-		conf, err := input.GetConfirmation(fmt.Sprintf("> Input length: %d", len(inputEntropy)), buf)
+		conf, err := input.GetConfirmation(fmt.Sprintf("> Input length: %d", len(inputEntropy)), buf, cmd.ErrOrStderr())
 		if err != nil {
 			return err
 		}
--- a/client/keys/root_test.go
+++ b/client/keys/root_test.go
@ -9,6 +9,7 @@ import (
 	"github.com/cosmos/cosmos-sdk/client/flags"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 )
 func TestCommands(t *testing.T) {
@ -21,5 +22,6 @@ func TestCommands(t *testing.T) {
 func TestMain(m *testing.M) {
 	viper.Set(flags.FlagKeyringBackend, keyring.BackendTest)
 	viper.Set(flagCoinType, sdk.CoinType)
 	os.Exit(m.Run())
 }
--- a/client/keys/show.go
+++ b/client/keys/show.go
@ -57,7 +57,7 @@ consisting of all the keys provided by name and multisig threshold.`,
 func runShowCmd(cmd *cobra.Command, args []string) (err error) {
 	var info keyring.Info
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), cmd.InOrStdin())
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), cmd.InOrStdin())
 	if err != nil {
 		return err
 	}
@ -142,15 +142,15 @@ func runShowCmd(cmd *cobra.Command, args []string) (err error) {
 	return nil
 }
-func fetchKey(kb keyring.Keybase, keyref string) (keyring.Info, error) {
+func fetchKey(kb keyring.Keyring, keyref string) (keyring.Info, error) {
-	info, err := kb.Get(keyref)
+	info, err := kb.Key(keyref)
 	if err != nil {
 		accAddr, err := sdk.AccAddressFromBech32(keyref)
 		if err != nil {
 			return info, err
 		}
-		info, err = kb.GetByAddress(accAddr)
+		info, err = kb.KeyByAddress(accAddr)
 		if err != nil {
 			return info, errors.New("key not found")
 		}
--- a/client/keys/show_test.go
+++ b/client/keys/show_test.go
@ -11,6 +11,7 @@ import (
 	"github.com/tendermint/tendermint/crypto/secp256k1"
 	"github.com/cosmos/cosmos-sdk/client/flags"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	"github.com/cosmos/cosmos-sdk/tests"
 	sdk "github.com/cosmos/cosmos-sdk/types"
@ -24,7 +25,7 @@ func Test_multiSigKey_Properties(t *testing.T) {
 	require.Equal(t, "myMultisig", tmp.GetName())
 	require.Equal(t, keyring.TypeMulti, tmp.GetType())
 	require.Equal(t, "D3923267FA8A3DD367BB768FA8BDC8FF7F89DA3F", tmp.GetPubKey().Address().String())
-	require.Equal(t, "cosmos16wfryel63g7axeamw68630wglalcnk3l0zuadc", tmp.GetAddress().String())
+	require.Equal(t, "cosmos16wfryel63g7axeamw68630wglalcnk3l0zuadc", sdk.MustBech32ifyAddressBytes("cosmos", tmp.GetAddress()))
 }
 func Test_showKeysCmd(t *testing.T) {
@ -48,16 +49,19 @@ func Test_runShowCmd(t *testing.T) {
 	fakeKeyName1 := "runShowCmd_Key1"
 	fakeKeyName2 := "runShowCmd_Key2"
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), mockIn)
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), mockIn)
 	require.NoError(t, err)
 	t.Cleanup(func() {
-		kb.Delete("runShowCmd_Key1", "", false)
+		kb.Delete("runShowCmd_Key1")
-		kb.Delete("runShowCmd_Key2", "", false)
+		kb.Delete("runShowCmd_Key2")
 	})
-	_, err = kb.CreateAccount(fakeKeyName1, tests.TestMnemonic, "", "", "0", keyring.Secp256k1)
+
 	path := hd.NewFundraiserParams(1, sdk.CoinType, 0).String()
 	_, err = kb.NewAccount(fakeKeyName1, tests.TestMnemonic, "", path, hd.Secp256k1)
 	require.NoError(t, err)
-	_, err = kb.CreateAccount(fakeKeyName2, tests.TestMnemonic, "", "", "1", keyring.Secp256k1)
+	path2 := hd.NewFundraiserParams(1, sdk.CoinType, 1).String()
 	_, err = kb.NewAccount(fakeKeyName2, tests.TestMnemonic, "", path2, hd.Secp256k1)
 	require.NoError(t, err)
 	// Now try single key
@ -69,7 +73,7 @@ func Test_runShowCmd(t *testing.T) {
 	// try fetch by name
 	require.NoError(t, runShowCmd(cmd, []string{fakeKeyName1}))
 	// try fetch by addr
-	info, err := kb.Get(fakeKeyName1)
+	info, err := kb.Key(fakeKeyName1)
 	require.NoError(t, err)
 	require.NoError(t, runShowCmd(cmd, []string{info.GetAddress().String()}))
--- a/client/tx/factory.go
+++ b/client/tx/factory.go
@ -21,7 +21,7 @@ type AccountRetriever interface {
 // Factory defines a client transaction factory that facilitates generating and
 // signing an application-specific transaction.
 type Factory struct {
-	keybase            keyring.Keybase
+	keybase            keyring.Keyring
 	txGenerator        Generator
 	accountRetriever   AccountRetriever
 	accountNumber      uint64
@ -36,7 +36,7 @@ type Factory struct {
 }
 func NewFactoryFromCLI(input io.Reader) Factory {
-	kb, err := keyring.NewKeyring(
+	kb, err := keyring.New(
 		sdk.KeyringServiceName(),
 		viper.GetString(flags.FlagKeyringBackend),
 		viper.GetString(flags.FlagHome),
@ -68,7 +68,7 @@ func (f Factory) AccountNumber() uint64              { return f.accountNumber }
 func (f Factory) Sequence() uint64                   { return f.sequence }
 func (f Factory) Gas() uint64                        { return f.gas }
 func (f Factory) GasAdjustment() float64             { return f.gasAdjustment }
-func (f Factory) Keybase() keyring.Keybase           { return f.keybase }
+func (f Factory) Keybase() keyring.Keyring           { return f.keybase }
 func (f Factory) ChainID() string                    { return f.chainID }
 func (f Factory) Memo() string                       { return f.memo }
 func (f Factory) Fees() sdk.Coins                    { return f.fees }
@ -126,7 +126,7 @@ func (f Factory) WithGasPrices(gasPrices string) Factory {
 }
 // WithKeybase returns a copy of the Factory with updated Keybase.
-func (f Factory) WithKeybase(keybase keyring.Keybase) Factory {
+func (f Factory) WithKeybase(keybase keyring.Keyring) Factory {
 	f.keybase = keybase
 	return f
 }
--- a/client/tx/tx.go
+++ b/client/tx/tx.go
@ -127,7 +127,7 @@ func BroadcastTx(ctx context.CLIContext, txf Factory, msgs ...sdk.Msg) error {
 		_, _ = fmt.Fprintf(os.Stderr, "%s\n\n", out)
 		buf := bufio.NewReader(os.Stdin)
-		ok, err := input.GetConfirmation("confirm transaction before signing and broadcasting", buf)
+		ok, err := input.GetConfirmation("confirm transaction before signing and broadcasting", buf, os.Stderr)
 		if err != nil || !ok {
 			_, _ = fmt.Fprintf(os.Stderr, "%s\n", "cancelled transaction")
 			return err
@ -332,7 +332,7 @@ func Sign(txf Factory, name, passphrase string, tx ClientTx) ([]byte, error) {
 		return nil, err
 	}
-	sigBytes, pubkey, err := txf.keybase.Sign(name, passphrase, signBytes)
+	sigBytes, pubkey, err := txf.keybase.Sign(name, signBytes)
 	if err != nil {
 		return nil, err
 	}
--- a/crypto/armor_test.go
+++ b/crypto/armor_test.go
@ -15,8 +15,11 @@ import (
 	"github.com/tendermint/tendermint/crypto/secp256k1"
 	"github.com/tendermint/tendermint/crypto/xsalsa20symmetric"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/crypto"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	"github.com/cosmos/cosmos-sdk/types"
 )
 func TestArmorUnarmorPrivKey(t *testing.T) {
@ -26,7 +29,7 @@ func TestArmorUnarmorPrivKey(t *testing.T) {
 	require.Error(t, err)
 	decrypted, algo, err := crypto.UnarmorDecryptPrivKey(armored, "passphrase")
 	require.NoError(t, err)
-	require.Equal(t, string(keyring.Secp256k1), algo)
+	require.Equal(t, string(hd.Secp256k1Type), algo)
 	require.True(t, priv.Equals(decrypted))
 	// empty string
@ -70,14 +73,14 @@ func TestArmorUnarmorPubKey(t *testing.T) {
 	cstore := keyring.NewInMemory()
 	// Add keys and see they return in alphabetical order
-	info, _, err := cstore.CreateMnemonic("Bob", keyring.English, "passphrase", keyring.Secp256k1)
+	info, _, err := cstore.NewMnemonic("Bob", keyring.English, types.FullFundraiserPath, hd.Secp256k1)
 	require.NoError(t, err)
 	armored := crypto.ArmorPubKeyBytes(info.GetPubKey().Bytes(), "")
 	pubBytes, algo, err := crypto.UnarmorPubKeyBytes(armored)
 	require.NoError(t, err)
 	pub, err := cryptoAmino.PubKeyFromBytes(pubBytes)
 	require.NoError(t, err)
-	require.Equal(t, string(keyring.Secp256k1), algo)
+	require.Equal(t, string(hd.Secp256k1Type), algo)
 	require.True(t, pub.Equals(info.GetPubKey()))
 	armored = crypto.ArmorPubKeyBytes(info.GetPubKey().Bytes(), "unknown")
@ -88,7 +91,7 @@ func TestArmorUnarmorPubKey(t *testing.T) {
 	require.Equal(t, "unknown", algo)
 	require.True(t, pub.Equals(info.GetPubKey()))
-	armored, err = cstore.ExportPrivKey("Bob", "passphrase", "alessio")
+	armored, err = cstore.ExportPrivKeyArmor("Bob", "passphrase")
 	require.NoError(t, err)
 	_, _, err = crypto.UnarmorPubKeyBytes(armored)
 	require.Error(t, err)
--- a/crypto/hd/algo.go
+++ b/crypto/hd/algo.go
@ -0,0 +1,68 @@
 package hd
 import (
 	"github.com/cosmos/go-bip39"
 	"github.com/tendermint/tendermint/crypto"
 	"github.com/tendermint/tendermint/crypto/secp256k1"
 )
 // PubKeyType defines an algorithm to derive key-pairs which can be used for cryptographic signing.
 type PubKeyType string
 const (
 	// MultiType implies that a pubkey is a multisignature
 	MultiType = PubKeyType("multi")
 	// Secp256k1Type uses the Bitcoin secp256k1 ECDSA parameters.
 	Secp256k1Type = PubKeyType("secp256k1")
 	// Ed25519Type represents the Ed25519Type signature system.
 	// It is currently not supported for end-user keys (wallets/ledgers).
 	Ed25519Type = PubKeyType("ed25519")
 	// Sr25519Type represents the Sr25519Type signature system.
 	Sr25519Type = PubKeyType("sr25519")
 )
 var (
 	// Secp256k1 uses the Bitcoin secp256k1 ECDSA parameters.
 	Secp256k1 = secp256k1Algo{}
 )
 type DeriveFn func(mnemonic string, bip39Passphrase, hdPath string) ([]byte, error)
 type GenerateFn func(bz []byte) crypto.PrivKey
 type WalletGenerator interface {
 	Derive(mnemonic string, bip39Passphrase, hdPath string) ([]byte, error)
 	Generate(bz []byte) crypto.PrivKey
 }
 type secp256k1Algo struct {
 }
 func (s secp256k1Algo) Name() PubKeyType {
 	return Secp256k1Type
 }
 // Derive derives and returns the secp256k1 private key for the given seed and HD path.
 func (s secp256k1Algo) Derive() DeriveFn {
 	return func(mnemonic string, bip39Passphrase, hdPath string) ([]byte, error) {
 		seed, err := bip39.NewSeedWithErrorChecking(mnemonic, bip39Passphrase)
 		if err != nil {
 			return nil, err
 		}
 		masterPriv, ch := ComputeMastersFromSeed(seed)
 		if len(hdPath) == 0 {
 			return masterPriv[:], nil
 		}
 		derivedKey, err := DerivePrivateKeyForPath(masterPriv, ch, hdPath)
 		return derivedKey[:], err
 	}
 }
 // Generate generates a secp256k1 private key from the given bytes.
 func (s secp256k1Algo) Generate() GenerateFn {
 	return func(bz []byte) crypto.PrivKey {
 		var bzArr [32]byte
 		copy(bzArr[:], bz)
 		return secp256k1.PrivKeySecp256k1(bzArr)
 	}
 }
--- a/crypto/hd/algo_test.go
+++ b/crypto/hd/algo_test.go
@ -0,0 +1,16 @@
 package hd_test
 import (
 	"testing"
 	"github.com/stretchr/testify/require"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 )
 func TestDefaults(t *testing.T) {
 	require.Equal(t, hd.PubKeyType("multi"), hd.MultiType)
 	require.Equal(t, hd.PubKeyType("secp256k1"), hd.Secp256k1Type)
 	require.Equal(t, hd.PubKeyType("ed25519"), hd.Ed25519Type)
 	require.Equal(t, hd.PubKeyType("sr25519"), hd.Sr25519Type)
 }
--- a/crypto/hd/doc.go
+++ b/crypto/hd/doc.go
@ -0,0 +1,12 @@
 // Package hd provides support for hierarchical deterministic wallets generation and derivation.
 //
 // The user must understand the overall concept of the BIP 32 and the BIP 44 specs:
 //  https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki
 //  https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki
 //
 // In combination with the bip39 package in go-crypto this package provides the functionality for
 // deriving keys using a BIP 44 HD path, or, more general, by passing a BIP 32 path.
 //
 // In particular, this package (together with bip39) provides all necessary functionality to derive
 // keys from mnemonics generated during the cosmos fundraiser.
 package hd
--- a/crypto/keys/hd/fundraiser_test.go
+++ b/crypto/keys/hd/fundraiser_test.go
@ -1,4 +1,4 @@
-package hd
+package hd_test
 import (
 	"encoding/hex"
@ -13,6 +13,8 @@ import (
 	"github.com/tendermint/tendermint/crypto"
 	"github.com/tendermint/tendermint/crypto/secp256k1"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 )
 type addrData struct {
@ -24,19 +26,23 @@ type addrData struct {
 	Addr     string
 }
 func TestFullFundraiserPath(t *testing.T) {
 	require.Equal(t, "44'/118'/0'/0/0", hd.NewFundraiserParams(0, 118, 0).String())
 }
 func initFundraiserTestVectors(t *testing.T) []addrData {
 	// NOTE: atom fundraiser address
 	// var hdPath string = "m/44'/118'/0'/0/0"
 	var hdToAddrTable []addrData
-	b, err := ioutil.ReadFile("test.json")
+	b, err := ioutil.ReadFile("testdata/test.json")
 	if err != nil {
-		t.Fatalf("could not read fundraiser test vector file (test.json): %s", err)
+		t.Fatalf("could not read fundraiser test vector file (testdata/test.json): %s", err)
 	}
 	err = json.Unmarshal(b, &hdToAddrTable)
 	if err != nil {
-		t.Fatalf("could not decode test vectors (test.json): %s", err)
+		t.Fatalf("could not decode test vectors (testdata/test.json): %s", err)
 	}
 	return hdToAddrTable
 }
@ -56,8 +62,8 @@ func TestFundraiserCompatibility(t *testing.T) {
 		t.Log("================================")
 		t.Logf("ROUND: %d MNEMONIC: %s", i, d.Mnemonic)
-		master, ch := ComputeMastersFromSeed(seed)
+		master, ch := hd.ComputeMastersFromSeed(seed)
-		priv, err := DerivePrivateKeyForPath(master, ch, "44'/118'/0'/0/0")
+		priv, err := hd.DerivePrivateKeyForPath(master, ch, "44'/118'/0'/0/0")
 		require.NoError(t, err)
 		pub := secp256k1.PrivKeySecp256k1(priv).PubKey()
--- a/crypto/keys/hd/hdpath.go
+++ b/crypto/keys/hd/hdpath.go
@ -1,20 +1,8 @@
 // Package hd provides basic functionality Hierarchical Deterministic Wallets.
 //
 // The user must understand the overall concept of the BIP 32 and the BIP 44 specs:
 //  https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki
 //  https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki
 //
 // In combination with the bip39 package in go-crypto this package provides the functionality for deriving keys using a
 // BIP 44 HD path, or, more general, by passing a BIP 32 path.
 //
 // In particular, this package (together with bip39) provides all necessary functionality to derive keys from
 // mnemonics generated during the cosmos fundraiser.
 package hd
 import (
 	"crypto/hmac"
 	"crypto/sha512"
 	"encoding/binary"
 	"errors"
 	"fmt"
@ -255,3 +243,8 @@ func i64(key []byte, data []byte) (il [32]byte, ir [32]byte) {
 	return
 }
 // CreateHDPath returns BIP 44 object from account and index parameters.
 func CreateHDPath(coinType, account, index uint32) *BIP44Params {
 	return NewFundraiserParams(account, coinType, index)
 }
--- a/crypto/keys/hd/hdpath_test.go
+++ b/crypto/keys/hd/hdpath_test.go
@ -1,10 +1,11 @@
-package hd
+package hd_test
 import (
 	"encoding/hex"
 	"fmt"
 	"testing"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/types"
 	bip39 "github.com/cosmos/go-bip39"
@ -21,9 +22,9 @@ func mnemonicToSeed(mnemonic string) []byte {
 // nolint:govet
 func ExampleStringifyPathParams() {
-	path := NewParams(44, 0, 0, false, 0)
+	path := hd.NewParams(44, 0, 0, false, 0)
 	fmt.Println(path.String())
-	path = NewParams(44, 33, 7, true, 9)
+	path = hd.NewParams(44, 33, 7, true, 9)
 	fmt.Println(path.String())
 	// Output:
 	// 44'/0'/0'/0/0
@ -31,40 +32,40 @@ func ExampleStringifyPathParams() {
 }
 func TestStringifyFundraiserPathParams(t *testing.T) {
-	path := NewFundraiserParams(4, types.CoinType, 22)
+	path := hd.NewFundraiserParams(4, types.CoinType, 22)
 	require.Equal(t, "44'/118'/4'/0/22", path.String())
-	path = NewFundraiserParams(4, types.CoinType, 57)
+	path = hd.NewFundraiserParams(4, types.CoinType, 57)
 	require.Equal(t, "44'/118'/4'/0/57", path.String())
-	path = NewFundraiserParams(4, 12345, 57)
+	path = hd.NewFundraiserParams(4, 12345, 57)
 	require.Equal(t, "44'/12345'/4'/0/57", path.String())
 }
 func TestPathToArray(t *testing.T) {
-	path := NewParams(44, 118, 1, false, 4)
+	path := hd.NewParams(44, 118, 1, false, 4)
 	require.Equal(t, "[44 118 1 0 4]", fmt.Sprintf("%v", path.DerivationPath()))
-	path = NewParams(44, 118, 2, true, 15)
+	path = hd.NewParams(44, 118, 2, true, 15)
 	require.Equal(t, "[44 118 2 1 15]", fmt.Sprintf("%v", path.DerivationPath()))
 }
 func TestParamsFromPath(t *testing.T) {
 	goodCases := []struct {
-		params *BIP44Params
+		params *hd.BIP44Params
 		path   string
 	}{
-		{&BIP44Params{44, 0, 0, false, 0}, "44'/0'/0'/0/0"},
+		{&hd.BIP44Params{44, 0, 0, false, 0}, "44'/0'/0'/0/0"},
-		{&BIP44Params{44, 1, 0, false, 0}, "44'/1'/0'/0/0"},
+		{&hd.BIP44Params{44, 1, 0, false, 0}, "44'/1'/0'/0/0"},
-		{&BIP44Params{44, 0, 1, false, 0}, "44'/0'/1'/0/0"},
+		{&hd.BIP44Params{44, 0, 1, false, 0}, "44'/0'/1'/0/0"},
-		{&BIP44Params{44, 0, 0, true, 0}, "44'/0'/0'/1/0"},
+		{&hd.BIP44Params{44, 0, 0, true, 0}, "44'/0'/0'/1/0"},
-		{&BIP44Params{44, 0, 0, false, 1}, "44'/0'/0'/0/1"},
+		{&hd.BIP44Params{44, 0, 0, false, 1}, "44'/0'/0'/0/1"},
-		{&BIP44Params{44, 1, 1, true, 1}, "44'/1'/1'/1/1"},
+		{&hd.BIP44Params{44, 1, 1, true, 1}, "44'/1'/1'/1/1"},
-		{&BIP44Params{44, 118, 52, true, 41}, "44'/118'/52'/1/41"},
+		{&hd.BIP44Params{44, 118, 52, true, 41}, "44'/118'/52'/1/41"},
 	}
 	for i, c := range goodCases {
-		params, err := NewParamsFromPath(c.path)
+		params, err := hd.NewParamsFromPath(c.path)
 		errStr := fmt.Sprintf("%d %v", i, c)
 		assert.NoError(t, err, errStr)
 		assert.EqualValues(t, c.params, params, errStr)
@ -93,7 +94,7 @@ func TestParamsFromPath(t *testing.T) {
 	}
 	for i, c := range badCases {
-		params, err := NewParamsFromPath(c.path)
+		params, err := hd.NewParamsFromPath(c.path)
 		errStr := fmt.Sprintf("%d %v", i, c)
 		assert.Nil(t, params, errStr)
 		assert.Error(t, err, errStr)
@ -106,38 +107,38 @@ func ExampleSomeBIP32TestVecs() {
 	seed := mnemonicToSeed("barrel original fuel morning among eternal " +
 		"filter ball stove pluck matrix mechanic")
-	master, ch := ComputeMastersFromSeed(seed)
+	master, ch := hd.ComputeMastersFromSeed(seed)
 	fmt.Println("keys from fundraiser test-vector (cosmos, bitcoin, ether)")
 	fmt.Println()
 	// cosmos
-	priv, err := DerivePrivateKeyForPath(master, ch, types.FullFundraiserPath)
+	priv, err := hd.DerivePrivateKeyForPath(master, ch, types.FullFundraiserPath)
 	if err != nil {
 		fmt.Println("INVALID")
 	} else {
 		fmt.Println(hex.EncodeToString(priv[:]))
 	}
 	// bitcoin
-	priv, err = DerivePrivateKeyForPath(master, ch, "44'/0'/0'/0/0")
+	priv, err = hd.DerivePrivateKeyForPath(master, ch, "44'/0'/0'/0/0")
 	if err != nil {
 		fmt.Println("INVALID")
 	} else {
 		fmt.Println(hex.EncodeToString(priv[:]))
 	}
 	// ether
-	priv, err = DerivePrivateKeyForPath(master, ch, "44'/60'/0'/0/0")
+	priv, err = hd.DerivePrivateKeyForPath(master, ch, "44'/60'/0'/0/0")
 	if err != nil {
 		fmt.Println("INVALID")
 	} else {
 		fmt.Println(hex.EncodeToString(priv[:]))
 	}
 	// INVALID
-	priv, err = DerivePrivateKeyForPath(master, ch, "X/0'/0'/0/0")
+	priv, err = hd.DerivePrivateKeyForPath(master, ch, "X/0'/0'/0/0")
 	if err != nil {
 		fmt.Println("INVALID")
 	} else {
 		fmt.Println(hex.EncodeToString(priv[:]))
 	}
-	priv, err = DerivePrivateKeyForPath(master, ch, "-44/0'/0'/0/0")
+	priv, err = hd.DerivePrivateKeyForPath(master, ch, "-44/0'/0'/0/0")
 	if err != nil {
 		fmt.Println("INVALID")
 	} else {
@ -151,14 +152,14 @@ func ExampleSomeBIP32TestVecs() {
 	seed = mnemonicToSeed(
 		"advice process birth april short trust crater change bacon monkey medal garment " +
 			"gorilla ranch hour rival razor call lunar mention taste vacant woman sister")
-	master, ch = ComputeMastersFromSeed(seed)
+	master, ch = hd.ComputeMastersFromSeed(seed)
-	priv, _ = DerivePrivateKeyForPath(master, ch, "44'/1'/1'/0/4")
+	priv, _ = hd.DerivePrivateKeyForPath(master, ch, "44'/1'/1'/0/4")
 	fmt.Println(hex.EncodeToString(priv[:]))
 	seed = mnemonicToSeed("idea naive region square margin day captain habit " +
 		"gun second farm pact pulse someone armed")
-	master, ch = ComputeMastersFromSeed(seed)
+	master, ch = hd.ComputeMastersFromSeed(seed)
-	priv, _ = DerivePrivateKeyForPath(master, ch, "44'/0'/0'/0/420")
+	priv, _ = hd.DerivePrivateKeyForPath(master, ch, "44'/0'/0'/0/420")
 	fmt.Println(hex.EncodeToString(priv[:]))
 	fmt.Println()
@ -167,8 +168,8 @@ func ExampleSomeBIP32TestVecs() {
 	// bip32 path: m/0/7
 	seed = mnemonicToSeed("monitor flock loyal sick object grunt duty ride develop assault harsh history")
-	master, ch = ComputeMastersFromSeed(seed)
+	master, ch = hd.ComputeMastersFromSeed(seed)
-	priv, _ = DerivePrivateKeyForPath(master, ch, "0/7")
+	priv, _ = hd.DerivePrivateKeyForPath(master, ch, "0/7")
 	fmt.Println(hex.EncodeToString(priv[:]))
 	// Output: keys from fundraiser test-vector (cosmos, bitcoin, ether)
@ -188,3 +189,27 @@ func ExampleSomeBIP32TestVecs() {
 	//
 	// c4c11d8c03625515905d7e89d25dfc66126fbc629ecca6db489a1a72fc4bda78
 }
 func TestCreateHDPath(t *testing.T) {
 	type args struct {
 		coinType uint32
 		account  uint32
 		index    uint32
 	}
 	tests := []struct {
 		name string
 		args args
 		want hd.BIP44Params
 	}{
 		{"44'/0'/0'/0/0", args{0, 0, 0}, hd.BIP44Params{Purpose: 44}},
 		{"44'/114'/0'/0/0", args{114, 0, 0}, hd.BIP44Params{Purpose: 44, CoinType: 114, Account: 0, AddressIndex: 0}},
 		{"44'/114'/1'/1/0", args{114, 1, 1}, hd.BIP44Params{Purpose: 44, CoinType: 114, Account: 1, AddressIndex: 1}},
 	}
 	for _, tt := range tests {
 		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
 			tt := tt
 			require.Equal(t, tt.want, *hd.CreateHDPath(tt.args.coinType, tt.args.account, tt.args.index))
 		})
 	}
 }
--- a/crypto/hd/testdata/test.json
+++ b/crypto/hd/testdata/test.json
--- a/crypto/keyring/base_keybase.go
+++ b/crypto/keyring/base_keybase.go
@ -1,234 +0,0 @@
 package keyring
 import (
 	"github.com/pkg/errors"
 	tmcrypto "github.com/tendermint/tendermint/crypto"
 	"github.com/tendermint/tendermint/crypto/secp256k1"
 	"github.com/cosmos/cosmos-sdk/crypto"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/hd"
 	"github.com/cosmos/cosmos-sdk/types"
 	bip39 "github.com/cosmos/go-bip39"
 )
 type (
 	// baseKeybase is an auxiliary type that groups Keybase storage agnostic features
 	// together.
 	baseKeybase struct {
 		options kbOptions
 	}
 	keyWriter interface {
 		writeLocalKeyer
 		infoWriter
 	}
 	writeLocalKeyer interface {
 		writeLocalKey(name string, priv tmcrypto.PrivKey, algo SigningAlgo) Info
 	}
 	infoWriter interface {
 		writeInfo(name string, info Info)
 	}
 )
 var fundraiserPath = types.GetConfig().GetFullFundraiserPath()
 // newBaseKeybase generates the base keybase with defaulting to tendermint SECP256K1 key type
 func newBaseKeybase(optionsFns ...KeybaseOption) baseKeybase {
 	// Default options for keybase
 	options := kbOptions{
 		keygenFunc:           StdPrivKeyGen,
 		deriveFunc:           StdDeriveKey,
 		supportedAlgos:       []SigningAlgo{Secp256k1},
 		supportedAlgosLedger: []SigningAlgo{Secp256k1},
 	}
 	for _, optionFn := range optionsFns {
 		optionFn(&options)
 	}
 	return baseKeybase{options: options}
 }
 // StdPrivKeyGen is the default PrivKeyGen function in the keybase.
 // For now, it only supports Secp256k1
 func StdPrivKeyGen(bz []byte, algo SigningAlgo) (tmcrypto.PrivKey, error) {
 	if algo == Secp256k1 {
 		return SecpPrivKeyGen(bz), nil
 	}
 	return nil, ErrUnsupportedSigningAlgo
 }
 // SecpPrivKeyGen generates a secp256k1 private key from the given bytes
 func SecpPrivKeyGen(bz []byte) tmcrypto.PrivKey {
 	var bzArr [32]byte
 	copy(bzArr[:], bz)
 	return secp256k1.PrivKeySecp256k1(bzArr)
 }
 // CreateAccount creates an account Info object.
 func (kb baseKeybase) CreateAccount(
 	keyWriter keyWriter, name, mnemonic, bip39Passphrase, encryptPasswd, hdPath string, algo SigningAlgo,
 ) (Info, error) {
 	// create master key and derive first key for keyring
 	derivedPriv, err := kb.options.deriveFunc(mnemonic, bip39Passphrase, hdPath, algo)
 	if err != nil {
 		return nil, err
 	}
 	privKey, err := kb.options.keygenFunc(derivedPriv, algo)
 	if err != nil {
 		return nil, err
 	}
 	var info Info
 	if encryptPasswd != "" {
 		info = keyWriter.writeLocalKey(name, privKey, algo)
 	} else {
 		info = kb.writeOfflineKey(keyWriter, name, privKey.PubKey(), algo)
 	}
 	return info, nil
 }
 // CreateLedger creates a new reference to a Ledger key pair. It returns a public
 // key and a derivation path. It returns an error if the device could not be queried.
 func (kb baseKeybase) CreateLedger(
 	w infoWriter, name string, algo SigningAlgo, hrp string, account, index uint32,
 ) (Info, error) {
 	if !IsSupportedAlgorithm(kb.SupportedAlgosLedger(), algo) {
 		return nil, ErrUnsupportedSigningAlgo
 	}
 	coinType := types.GetConfig().GetCoinType()
 	hdPath := hd.NewFundraiserParams(account, coinType, index)
 	priv, _, err := crypto.NewPrivKeyLedgerSecp256k1(*hdPath, hrp)
 	if err != nil {
 		return nil, err
 	}
 	return kb.writeLedgerKey(w, name, priv.PubKey(), *hdPath, algo), nil
 }
 // CreateMnemonic generates a new key with the given algorithm and language pair.
 func (kb baseKeybase) CreateMnemonic(
 	keyWriter keyWriter, name string, language Language, passwd string, algo SigningAlgo,
 ) (info Info, mnemonic string, err error) {
 	if language != English {
 		return nil, "", ErrUnsupportedLanguage
 	}
 	if !IsSupportedAlgorithm(kb.SupportedAlgos(), algo) {
 		return nil, "", ErrUnsupportedSigningAlgo
 	}
 	// Default number of words (24): This generates a mnemonic directly from the
 	// number of words by reading system entropy.
 	entropy, err := bip39.NewEntropy(defaultEntropySize)
 	if err != nil {
 		return nil, "", err
 	}
 	mnemonic, err = bip39.NewMnemonic(entropy)
 	if err != nil {
 		return nil, "", err
 	}
 	info, err = kb.CreateAccount(keyWriter, name, mnemonic, DefaultBIP39Passphrase, passwd, fundraiserPath, algo)
 	if err != nil {
 		return nil, "", err
 	}
 	return info, mnemonic, err
 }
 func (kb baseKeybase) writeLedgerKey(w infoWriter, name string, pub tmcrypto.PubKey, path hd.BIP44Params, algo SigningAlgo) Info {
 	info := newLedgerInfo(name, pub, path, algo)
 	w.writeInfo(name, info)
 	return info
 }
 func (kb baseKeybase) writeOfflineKey(w infoWriter, name string, pub tmcrypto.PubKey, algo SigningAlgo) Info {
 	info := newOfflineInfo(name, pub, algo)
 	w.writeInfo(name, info)
 	return info
 }
 func (kb baseKeybase) writeMultisigKey(w infoWriter, name string, pub tmcrypto.PubKey) Info {
 	info := NewMultiInfo(name, pub)
 	w.writeInfo(name, info)
 	return info
 }
 // StdDeriveKey is the default DeriveKey function in the keybase.
 // For now, it only supports Secp256k1
 func StdDeriveKey(mnemonic string, bip39Passphrase, hdPath string, algo SigningAlgo) ([]byte, error) {
 	if algo == Secp256k1 {
 		return SecpDeriveKey(mnemonic, bip39Passphrase, hdPath)
 	}
 	return nil, ErrUnsupportedSigningAlgo
 }
 // SecpDeriveKey derives and returns the secp256k1 private key for the given seed and HD path.
 func SecpDeriveKey(mnemonic string, bip39Passphrase, hdPath string) ([]byte, error) {
 	seed, err := bip39.NewSeedWithErrorChecking(mnemonic, bip39Passphrase)
 	if err != nil {
 		return nil, err
 	}
 	masterPriv, ch := hd.ComputeMastersFromSeed(seed)
 	if len(hdPath) == 0 {
 		return masterPriv[:], nil
 	}
 	derivedKey, err := hd.DerivePrivateKeyForPath(masterPriv, ch, hdPath)
 	return derivedKey[:], err
 }
 // CreateHDPath returns BIP 44 object from account and index parameters.
 func CreateHDPath(account uint32, index uint32) *hd.BIP44Params {
 	return hd.NewFundraiserParams(account, types.GetConfig().GetCoinType(), index)
 }
 // SupportedAlgos returns a list of supported signing algorithms.
 func (kb baseKeybase) SupportedAlgos() []SigningAlgo {
 	return kb.options.supportedAlgos
 }
 // SupportedAlgosLedger returns a list of supported ledger signing algorithms.
 func (kb baseKeybase) SupportedAlgosLedger() []SigningAlgo {
 	return kb.options.supportedAlgosLedger
 }
 // SignWithLedger signs a binary message with the ledger device referenced by an Info object
 // and returns the signed bytes and the public key. It returns an error if the device could
 // not be queried or it returned an error.
 func SignWithLedger(info Info, msg []byte) (sig []byte, pub tmcrypto.PubKey, err error) {
 	switch info.(type) {
 	case *ledgerInfo, ledgerInfo:
 	default:
 		return nil, nil, errors.New("not a ledger object")
 	}
 	path, err := info.GetPath()
 	if err != nil {
 		return
 	}
 	priv, err := crypto.NewPrivKeyLedgerSecp256k1Unsafe(*path)
 	if err != nil {
 		return
 	}
 	sig, err = priv.Sign(msg)
 	if err != nil {
 		return nil, nil, err
 	}
 	return sig, priv.PubKey(), nil
 }
--- a/crypto/keyring/codec.go
+++ b/crypto/keyring/codec.go
@ -4,7 +4,7 @@ import (
 	cryptoAmino "github.com/tendermint/tendermint/crypto/encoding/amino"
 	"github.com/cosmos/cosmos-sdk/codec"
-	"github.com/cosmos/cosmos-sdk/crypto/keys/hd"
+	"github.com/cosmos/cosmos-sdk/crypto/hd"
 )
 // CryptoCdc defines the codec required for keys and info
--- a/crypto/keyring/doc.go
+++ b/crypto/keyring/doc.go
@ -19,9 +19,9 @@
 // generated keys are discarded when the process terminates or the type instance is garbage
 // collected.
 //
-// NewKeyring
+// New
 //
-// The NewKeyring constructor returns an implementation backed by a keyring library
+// The New constructor returns an implementation backed by a keyring library
 // (https://github.com/99designs/keyring), whose aim is to provide a common abstraction and uniform
 // interface between secret stores available for Windows, macOS, and most GNU/Linux distributions
 // as well as operating system-agnostic encrypted file-based backends.
--- a/crypto/keyring/info.go
+++ b/crypto/keyring/info.go
@ -6,7 +6,7 @@ import (
 	"github.com/tendermint/tendermint/crypto"
 	"github.com/tendermint/tendermint/crypto/multisig"
-	"github.com/cosmos/cosmos-sdk/crypto/keys/hd"
+	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/types"
 )
@ -23,7 +23,7 @@ type Info interface {
 	// Bip44 Path
 	GetPath() (*hd.BIP44Params, error)
 	// Algo
-	GetAlgo() SigningAlgo
+	GetAlgo() hd.PubKeyType
 }
 var (
@ -39,10 +39,10 @@ type localInfo struct {
 	Name         string        `json:"name"`
 	PubKey       crypto.PubKey `json:"pubkey"`
 	PrivKeyArmor string        `json:"privkey.armor"`
-	Algo         SigningAlgo   `json:"algo"`
+	Algo         hd.PubKeyType `json:"algo"`
 }
-func newLocalInfo(name string, pub crypto.PubKey, privArmor string, algo SigningAlgo) Info {
+func newLocalInfo(name string, pub crypto.PubKey, privArmor string, algo hd.PubKeyType) Info {
 	return &localInfo{
 		Name:         name,
 		PubKey:       pub,
@ -72,7 +72,7 @@ func (i localInfo) GetAddress() types.AccAddress {
 }
 // GetType implements Info interface
-func (i localInfo) GetAlgo() SigningAlgo {
+func (i localInfo) GetAlgo() hd.PubKeyType {
 	return i.Algo
 }
@ -87,10 +87,10 @@ type ledgerInfo struct {
 	Name   string         `json:"name"`
 	PubKey crypto.PubKey  `json:"pubkey"`
 	Path   hd.BIP44Params `json:"path"`
-	Algo   SigningAlgo    `json:"algo"`
+	Algo   hd.PubKeyType  `json:"algo"`
 }
-func newLedgerInfo(name string, pub crypto.PubKey, path hd.BIP44Params, algo SigningAlgo) Info {
+func newLedgerInfo(name string, pub crypto.PubKey, path hd.BIP44Params, algo hd.PubKeyType) Info {
 	return &ledgerInfo{
 		Name:   name,
 		PubKey: pub,
@ -120,7 +120,7 @@ func (i ledgerInfo) GetAddress() types.AccAddress {
 }
 // GetPath implements Info interface
-func (i ledgerInfo) GetAlgo() SigningAlgo {
+func (i ledgerInfo) GetAlgo() hd.PubKeyType {
 	return i.Algo
 }
@ -135,10 +135,10 @@ func (i ledgerInfo) GetPath() (*hd.BIP44Params, error) {
 type offlineInfo struct {
 	Name   string        `json:"name"`
 	PubKey crypto.PubKey `json:"pubkey"`
-	Algo   SigningAlgo   `json:"algo"`
+	Algo   hd.PubKeyType `json:"algo"`
 }
-func newOfflineInfo(name string, pub crypto.PubKey, algo SigningAlgo) Info {
+func newOfflineInfo(name string, pub crypto.PubKey, algo hd.PubKeyType) Info {
 	return &offlineInfo{
 		Name:   name,
 		PubKey: pub,
@ -162,7 +162,7 @@ func (i offlineInfo) GetPubKey() crypto.PubKey {
 }
 // GetAlgo returns the signing algorithm for the key
-func (i offlineInfo) GetAlgo() SigningAlgo {
+func (i offlineInfo) GetAlgo() hd.PubKeyType {
 	return i.Algo
 }
@ -228,8 +228,8 @@ func (i multiInfo) GetAddress() types.AccAddress {
 }
 // GetPath implements Info interface
-func (i multiInfo) GetAlgo() SigningAlgo {
+func (i multiInfo) GetAlgo() hd.PubKeyType {
-	return MultiAlgo
+	return hd.MultiType
 }
 // GetPath implements Info interface
--- a/crypto/keyring/keybase.go
+++ b/crypto/keyring/keybase.go
@ -1,76 +0,0 @@
 package keyring
 import (
 	"github.com/tendermint/tendermint/crypto"
 	"github.com/cosmos/cosmos-sdk/types"
 )
 // Keybase exposes operations on a generic keystore
 type Keybase interface {
 	// CRUD on the keystore
 	List() ([]Info, error)
 	// Get returns the public information about one key.
 	Get(name string) (Info, error)
 	// Get performs a by-address lookup and returns the public
 	// information about one key if there's any.
 	GetByAddress(address types.AccAddress) (Info, error)
 	// Delete removes a key.
 	Delete(name, passphrase string, skipPass bool) error
 	// Sign bytes, looking up the private key to use.
 	Sign(name, passphrase string, msg []byte) ([]byte, crypto.PubKey, error)
 	// CreateMnemonic generates a new mnemonic, derives a hierarchical deterministic
 	// key from that. and persists it to storage, encrypted using the provided password.
 	// It returns the generated mnemonic and the key Info. It returns an error if it fails to
 	// generate a key for the given algo type, or if another key is already stored under the
 	// same name.
 	CreateMnemonic(name string, language Language, passwd string, algo SigningAlgo) (info Info, seed string, err error)
 	// CreateAccount converts a mnemonic to a private key and BIP 32 HD Path
 	// and persists it, encrypted with the given password.
 	CreateAccount(name, mnemonic, bip39Passwd, encryptPasswd, hdPath string, algo SigningAlgo) (Info, error)
 	// CreateLedger creates, stores, and returns a new Ledger key reference
 	CreateLedger(name string, algo SigningAlgo, hrp string, account, index uint32) (info Info, err error)
 	// CreateOffline creates, stores, and returns a new offline key reference
 	CreateOffline(name string, pubkey crypto.PubKey, algo SigningAlgo) (info Info, err error)
 	// CreateMulti creates, stores, and returns a new multsig (offline) key reference
 	CreateMulti(name string, pubkey crypto.PubKey) (info Info, err error)
 	// Import imports ASCII armored Info objects.
 	Import(name string, armor string) (err error)
 	// ImportPrivKey imports a private key in ASCII armor format.
 	// It returns an error if a key with the same name exists or a wrong encryption passphrase is
 	// supplied.
 	ImportPrivKey(name, armor, passphrase string) error
 	// ImportPubKey imports ASCII-armored public keys.
 	// Store a new Info object holding a public key only, i.e. it will
 	// not be possible to sign with it as it lacks the secret key.
 	ImportPubKey(name string, armor string) (err error)
 	// Export exports an Info object in ASCII armored format.
 	Export(name string) (armor string, err error)
 	// ExportPubKey returns public keys in ASCII armored format.
 	// Retrieve a Info object by its name and return the public key in
 	// a portable format.
 	ExportPubKey(name string) (armor string, err error)
 	// ExportPrivKey returns a private key in ASCII armored format.
 	// It returns an error if the key does not exist or a wrong encryption passphrase is supplied.
 	ExportPrivKey(name, decryptPassphrase, encryptPassphrase string) (armor string, err error)
 	// ExportPrivateKeyObject *only* works on locally-stored keys. Temporary method until we redo the exporting API
 	ExportPrivateKeyObject(name string, passphrase string) (crypto.PrivKey, error)
 	// SupportedAlgos returns a list of signing algorithms supported by the keybase
 	SupportedAlgos() []SigningAlgo
 	// SupportedAlgosLedger returns a list of signing algorithms supported by the keybase's ledger integration
 	SupportedAlgosLedger() []SigningAlgo
 }
--- a/crypto/keyring/keyring.go
+++ b/crypto/keyring/keyring.go
@ -12,15 +12,16 @@ import (
 	"strings"
 	"github.com/99designs/keyring"
 	"github.com/cosmos/go-bip39"
 	"github.com/pkg/errors"
 	"github.com/tendermint/crypto/bcrypt"
 	tmcrypto "github.com/tendermint/tendermint/crypto"
 	cryptoAmino "github.com/tendermint/tendermint/crypto/encoding/amino"
 	"github.com/cosmos/cosmos-sdk/client/input"
 	"github.com/cosmos/cosmos-sdk/crypto"
-	"github.com/cosmos/cosmos-sdk/types"
+	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 	sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
 )
@ -34,48 +35,116 @@ const (
 )
 const (
-	keyringDirNameFmt     = "keyring-%s"
+	keyringFileDirName = "keyring-file"
-	testKeyringDirNameFmt = "keyring-test-%s"
+	keyringTestDirName = "keyring-test"
-	passKeyringPrefix     = keyringDirNameFmt
+	passKeyringPrefix  = "keyring-%s"
 )
-var _ Keybase = keyringKeybase{}
+var (
 	_                          Keyring = &keystore{}
 	maxPassphraseEntryAttempts         = 3
 )
-// keyringKeybase implements the Keybase interface by using the Keyring library
+// Keyring exposes operations over a backend supported by github.com/99designs/keyring.
-// for account key persistence.
+type Keyring interface {
-type keyringKeybase struct {
+	// List all keys.
-	base baseKeybase
+	List() ([]Info, error)
-	db   keyring.Keyring
+
 	// Key and KeyByAddress return keys by uid and address respectively.
 	Key(uid string) (Info, error)
 	KeyByAddress(address sdk.Address) (Info, error)
 	// Delete and DeleteByAddress remove keys from the keyring.
 	Delete(uid string) error
 	DeleteByAddress(address sdk.Address) error
 	// NewMnemonic generates a new mnemonic, derives a hierarchical deterministic
 	// key from that, and persists it to the storage. Returns the generated mnemonic and the key
 	// Info. It returns an error if it fails to generate a key for the given algo type, or if
 	// another key is already stored under the same name.
 	NewMnemonic(uid string, language Language, hdPath string, algo SignatureAlgo) (Info, string, error)
 	// NewAccount converts a mnemonic to a private key and BIP-39 HD Path and persists it.
 	NewAccount(uid, mnemonic, bip39Passwd, hdPath string, algo SignatureAlgo) (Info, error)
 	// SaveLedgerKey retrieves a public key reference from a Ledger device and persists it.
 	SaveLedgerKey(uid string, algo SignatureAlgo, hrp string, coinType, account, index uint32) (Info, error)
 	// SavePubKey stores a public key and returns the persisted Info structure.
 	SavePubKey(uid string, pubkey tmcrypto.PubKey, algo hd.PubKeyType) (Info, error)
 	// SaveMultisig stores and returns a new multsig (offline) key reference.
 	SaveMultisig(uid string, pubkey tmcrypto.PubKey) (Info, error)
 	Signer
 	Importer
 	Exporter
 }
-var maxPassphraseEntryAttempts = 3
+// Signer is implemented by key stores that want to provide signing capabilities.
 type Signer interface {
 	// Sign sign byte messages with a user key.
 	Sign(uid string, msg []byte) ([]byte, tmcrypto.PubKey, error)
-func newKeyringKeybase(db keyring.Keyring, opts ...KeybaseOption) Keybase {
+	// SignByAddress sign byte messages with a user key providing the address.
-	return keyringKeybase{
+	SignByAddress(address sdk.Address, msg []byte) ([]byte, tmcrypto.PubKey, error)
 		db:   db,
 		base: newBaseKeybase(opts...),
 	}
 }
-// NewKeyring creates a new instance of a keyring. Keybase
+// Importer is implemented by key stores that support import of public and private keys.
-// options can be applied when generating this new Keybase.
+type Importer interface {
-// Available backends are "os", "file", "kwallet", "pass", "test".
+	// ImportPrivKey imports ASCII armored passphrase-encrypted private keys.
-func NewKeyring(
+	ImportPrivKey(uid, armor, passphrase string) error
-	appName, backend, rootDir string, userInput io.Reader, opts ...KeybaseOption,
+	// ImportPubKey imports ASCII armored public keys.
-) (Keybase, error) {
+	ImportPubKey(uid string, armor string) error
 }
 // Exporter is implemented by key stores that support export of public and private keys.
 type Exporter interface {
 	// Export public key
 	ExportPubKeyArmor(uid string) (string, error)
 	ExportPubKeyArmorByAddress(address sdk.Address) (string, error)
 	// ExportPrivKey returns a private key in ASCII armored format.
 	// It returns an error if the key does not exist or a wrong encryption passphrase is supplied.
 	ExportPrivKeyArmor(uid, encryptPassphrase string) (armor string, err error)
 	ExportPrivKeyArmorByAddress(address sdk.Address, encryptPassphrase string) (armor string, err error)
 }
 // Option overrides keyring configuration options.
 type Option func(options *Options)
 //Options define the options of the Keyring
 type Options struct {
 	SupportedAlgos       SigningAlgoList
 	SupportedAlgosLedger SigningAlgoList
 }
 // NewInMemory creates a transient keyring useful for testing
 // purposes and on-the-fly key generation.
 // Keybase options can be applied when generating this new Keybase.
 func NewInMemory(opts ...Option) Keyring {
 	return newKeystore(keyring.NewArrayKeyring(nil), opts...)
 }
 // NewKeyring creates a new instance of a keyring.
 // Keyring ptions can be applied when generating the new instance.
 // Available backends are "os", "file", "kwallet", "memory", "pass", "test".
 func New(
 	appName, backend, rootDir string, userInput io.Reader, opts ...Option,
 ) (Keyring, error) {
 	var db keyring.Keyring
 	var err error
 	switch backend {
 	case BackendMemory:
-		return NewInMemory(opts...), nil
+		return NewInMemory(opts...), err
 	case BackendTest:
-		db, err = keyring.Open(lkbToKeyringConfig(appName, rootDir, nil, true))
+		db, err = keyring.Open(newTestBackendKeyringConfig(appName, rootDir))
 	case BackendFile:
 		db, err = keyring.Open(newFileBackendKeyringConfig(appName, rootDir, userInput))
 	case BackendOS:
-		db, err = keyring.Open(lkbToKeyringConfig(appName, rootDir, userInput, false))
+		db, err = keyring.Open(newOSBackendKeyringConfig(appName, rootDir, userInput))
 	case BackendKWallet:
 		db, err = keyring.Open(newKWalletBackendKeyringConfig(appName, rootDir, userInput))
 	case BackendPass:
@ -83,168 +152,72 @@ func NewKeyring(
 	default:
 		return nil, fmt.Errorf("unknown keyring backend %v", backend)
 	}
 	if err != nil {
 		return nil, err
 	}
-	return newKeyringKeybase(db, opts...), nil
+	return newKeystore(db, opts...), nil
 }
-// NewInMemory creates a transient keyring useful for testing
+type keystore struct {
-// purposes and on-the-fly key generation.
+	db      keyring.Keyring
-// Keybase options can be applied when generating this new Keybase.
+	options Options
 func NewInMemory(opts ...KeybaseOption) Keybase {
 	return newKeyringKeybase(keyring.NewArrayKeyring(nil), opts...)
 }
-// CreateMnemonic generates a new key and persists it to storage, encrypted
+func newKeystore(kr keyring.Keyring, opts ...Option) keystore {
-// using the provided password. It returns the generated mnemonic and the key Info.
+	// Default options for keybase
-// An error is returned if it fails to generate a key for the given algo type,
+	options := Options{
-// or if another key is already stored under the same name.
+		SupportedAlgos:       SigningAlgoList{hd.Secp256k1},
-func (kb keyringKeybase) CreateMnemonic(
+		SupportedAlgosLedger: SigningAlgoList{hd.Secp256k1},
-	name string, language Language, passwd string, algo SigningAlgo,
+	}
 ) (info Info, mnemonic string, err error) {
-	return kb.base.CreateMnemonic(kb, name, language, passwd, algo)
+	for _, optionFn := range opts {
 		optionFn(&options)
 	}
 	return keystore{kr, options}
 }
-// CreateAccount converts a mnemonic to a private key and persists it, encrypted
+func (ks keystore) ExportPubKeyArmor(uid string) (string, error) {
-// with the given password.
+	bz, err := ks.Key(uid)
 func (kb keyringKeybase) CreateAccount(
 	name, mnemonic, bip39Passwd, encryptPasswd, hdPath string, algo SigningAlgo,
 ) (Info, error) {
 	return kb.base.CreateAccount(kb, name, mnemonic, bip39Passwd, encryptPasswd, hdPath, algo)
 }
 // CreateLedger creates a new locally-stored reference to a Ledger keypair.
 // It returns the created key info and an error if the Ledger could not be queried.
 func (kb keyringKeybase) CreateLedger(
 	name string, algo SigningAlgo, hrp string, account, index uint32,
 ) (Info, error) {
 	return kb.base.CreateLedger(kb, name, algo, hrp, account, index)
 }
 // CreateOffline creates a new reference to an offline keypair. It returns the
 // created key info.
 func (kb keyringKeybase) CreateOffline(name string, pub tmcrypto.PubKey, algo SigningAlgo) (Info, error) {
 	return kb.base.writeOfflineKey(kb, name, pub, algo), nil
 }
 // CreateMulti creates a new reference to a multisig (offline) keypair. It
 // returns the created key Info object.
 func (kb keyringKeybase) CreateMulti(name string, pub tmcrypto.PubKey) (Info, error) {
 	return kb.base.writeMultisigKey(kb, name, pub), nil
 }
 // List returns the keys from storage in alphabetical order.
 func (kb keyringKeybase) List() ([]Info, error) {
 	var res []Info
 	keys, err := kb.db.Keys()
 	if err != nil {
-		return nil, err
+		return "", err
 	}
-	sort.Strings(keys)
+	if bz == nil {
-
+		return "", fmt.Errorf("no key to export with name: %s", uid)
 	for _, key := range keys {
 		if strings.HasSuffix(key, infoSuffix) {
 			rawInfo, err := kb.db.Get(key)
 			if err != nil {
 				return nil, err
 			}
 			if len(rawInfo.Data) == 0 {
 				return nil, sdkerrors.Wrap(sdkerrors.ErrKeyNotFound, key)
 			}
 			info, err := unmarshalInfo(rawInfo.Data)
 			if err != nil {
 				return nil, err
 			}
 			res = append(res, info)
 		}
 	}
-	return res, nil
+	return crypto.ArmorPubKeyBytes(bz.GetPubKey().Bytes(), string(bz.GetAlgo())), nil
 }
-// Get returns the public information about one key.
+func (ks keystore) ExportPubKeyArmorByAddress(address sdk.Address) (string, error) {
-func (kb keyringKeybase) Get(name string) (Info, error) {
+	info, err := ks.KeyByAddress(address)
 	key := infoKey(name)
 	bs, err := kb.db.Get(string(key))
 	if err != nil {
-		return nil, err
+		return "", err
 	}
-	if len(bs.Data) == 0 {
+	return ks.ExportPubKeyArmor(info.GetName())
 		return nil, sdkerrors.Wrap(sdkerrors.ErrKeyNotFound, name)
 	}
 	return unmarshalInfo(bs.Data)
 }
-// GetByAddress fetches a key by address and returns its public information.
+func (ks keystore) ExportPrivKeyArmor(uid, encryptPassphrase string) (armor string, err error) {
-func (kb keyringKeybase) GetByAddress(address types.AccAddress) (Info, error) {
+	priv, err := ks.ExportPrivateKeyObject(uid)
 	ik, err := kb.db.Get(string(addrHexKey(address)))
 	if err != nil {
-		return nil, err
+		return "", err
 	}
-	if len(ik.Data) == 0 {
+	info, err := ks.Key(uid)
 		return nil, fmt.Errorf("key with address %s not found", address)
 	}
 	bs, err := kb.db.Get(string(ik.Data))
 	if err != nil {
-		return nil, err
+		return "", err
 	}
-	return unmarshalInfo(bs.Data)
+	return crypto.EncryptArmorPrivKey(priv, encryptPassphrase, string(info.GetAlgo())), nil
 }
 // Sign signs an arbitrary set of bytes with the named key. It returns an error
 // if the key doesn't exist or the decryption fails.
 func (kb keyringKeybase) Sign(name, passphrase string, msg []byte) (sig []byte, pub tmcrypto.PubKey, err error) {
 	info, err := kb.Get(name)
 	if err != nil {
 		return
 	}
 	var priv tmcrypto.PrivKey
 	switch i := info.(type) {
 	case localInfo:
 		if i.PrivKeyArmor == "" {
 			return nil, nil, fmt.Errorf("private key not available")
 		}
 		priv, err = cryptoAmino.PrivKeyFromBytes([]byte(i.PrivKeyArmor))
 		if err != nil {
 			return nil, nil, err
 		}
 	case ledgerInfo:
 		return SignWithLedger(info, msg)
 	case offlineInfo, multiInfo:
 		return nil, info.GetPubKey(), errors.New("cannot sign with offline keys")
 	}
 	sig, err = priv.Sign(msg)
 	if err != nil {
 		return nil, nil, err
 	}
 	return sig, priv.PubKey(), nil
 }
 // ExportPrivateKeyObject exports an armored private key object.
-func (kb keyringKeybase) ExportPrivateKeyObject(name string, passphrase string) (tmcrypto.PrivKey, error) {
+func (ks keystore) ExportPrivateKeyObject(uid string) (tmcrypto.PrivKey, error) {
-	info, err := kb.Get(name)
+	info, err := ks.Key(uid)
 	if err != nil {
 		return nil, err
 	}
@ -270,92 +243,18 @@ func (kb keyringKeybase) ExportPrivateKeyObject(name string, passphrase string)
 	return priv, nil
 }
-// Export exports armored private key to the caller.
+func (ks keystore) ExportPrivKeyArmorByAddress(address sdk.Address, encryptPassphrase string) (armor string, err error) {
-func (kb keyringKeybase) Export(name string) (armor string, err error) {
+	byAddress, err := ks.KeyByAddress(address)
 	bz, err := kb.db.Get(string(infoKey(name)))
 	if err != nil {
 		return "", err
 	}
-	if bz.Data == nil {
+	return ks.ExportPrivKeyArmor(byAddress.GetName(), encryptPassphrase)
 		return "", fmt.Errorf("no key to export with name: %s", name)
 	}
 	return crypto.ArmorInfoBytes(bz.Data), nil
 }
-// ExportPubKey returns public keys in ASCII armored format. It retrieves an Info
+func (ks keystore) ImportPrivKey(uid, armor, passphrase string) error {
-// object by its name and return the public key in a portable format.
+	if _, err := ks.Key(uid); err == nil {
-func (kb keyringKeybase) ExportPubKey(name string) (armor string, err error) {
+		return fmt.Errorf("cannot overwrite key: %s", uid)
 	bz, err := kb.Get(name)
 	if err != nil {
 		return "", err
 	}
 	if bz == nil {
 		return "", fmt.Errorf("no key to export with name: %s", name)
 	}
 	return crypto.ArmorPubKeyBytes(bz.GetPubKey().Bytes(), string(bz.GetAlgo())), nil
 }
 // Import imports armored private key.
 func (kb keyringKeybase) Import(name string, armor string) error {
 	bz, _ := kb.Get(name)
 	if bz != nil {
 		pubkey := bz.GetPubKey()
 		if len(pubkey.Bytes()) > 0 {
 			return fmt.Errorf("cannot overwrite data for name: %s", name)
 		}
 	}
 	infoBytes, err := crypto.UnarmorInfoBytes(armor)
 	if err != nil {
 		return err
 	}
 	info, err := unmarshalInfo(infoBytes)
 	if err != nil {
 		return err
 	}
 	kb.writeInfo(name, info)
 	err = kb.db.Set(keyring.Item{
 		Key:  string(addrHexKey(info.GetAddress())),
 		Data: infoKey(name),
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 // ExportPrivKey returns a private key in ASCII armored format. An error is returned
 // if the key does not exist or a wrong encryption passphrase is supplied.
 func (kb keyringKeybase) ExportPrivKey(name, decryptPassphrase, encryptPassphrase string) (armor string, err error) {
 	priv, err := kb.ExportPrivateKeyObject(name, decryptPassphrase)
 	if err != nil {
 		return "", err
 	}
 	info, err := kb.Get(name)
 	if err != nil {
 		return "", err
 	}
 	return crypto.EncryptArmorPrivKey(priv, encryptPassphrase, string(info.GetAlgo())), nil
 }
 // ImportPrivKey imports a private key in ASCII armor format. An error is returned
 // if a key with the same name exists or a wrong encryption passphrase is
 // supplied.
 func (kb keyringKeybase) ImportPrivKey(name, armor, passphrase string) error {
 	if kb.HasKey(name) {
 		return fmt.Errorf("cannot overwrite key: %s", name)
 	}
 	privKey, algo, err := crypto.UnarmorDecryptPrivKey(armor, passphrase)
@ -363,28 +262,17 @@ func (kb keyringKeybase) ImportPrivKey(name, armor, passphrase string) error {
 		return errors.Wrap(err, "failed to decrypt private key")
 	}
-	// NOTE: The keyring keystore has no need for a passphrase.
+	_, err = ks.writeLocalKey(uid, privKey, hd.PubKeyType(algo))
-	kb.writeLocalKey(name, privKey, SigningAlgo(algo))
+	if err != nil {
 		return err
 	}
 	return nil
 }
-// HasKey returns whether the key exists in the keyring.
+func (ks keystore) ImportPubKey(uid string, armor string) error {
-func (kb keyringKeybase) HasKey(name string) bool {
+	if _, err := ks.Key(uid); err == nil {
-	bz, _ := kb.Get(name)
+		return fmt.Errorf("cannot overwrite key: %s", uid)
 	return bz != nil
 }
 // ImportPubKey imports an ASCII-armored public key. It will store a new Info
 // object holding a public key only, i.e. it will not be possible to sign with
 // it as it lacks the secret key.
 func (kb keyringKeybase) ImportPubKey(name string, armor string) error {
 	bz, _ := kb.Get(name)
 	if bz != nil {
 		pubkey := bz.GetPubKey()
 		if len(pubkey.Bytes()) > 0 {
 			return fmt.Errorf("cannot overwrite data for name: %s", name)
 		}
 	}
 	pubBytes, algo, err := crypto.UnarmorPubKeyBytes(armor)
@ -397,27 +285,7 @@ func (kb keyringKeybase) ImportPubKey(name string, armor string) error {
 		return err
 	}
-	kb.base.writeOfflineKey(kb, name, pubKey, SigningAlgo(algo))
+	_, err = ks.writeOfflineKey(uid, pubKey, hd.PubKeyType(algo))
 	return nil
 }
 // Delete removes key forever, but we must present the proper passphrase before
 // deleting it (for security). It returns an error if the key doesn't exist or
 // passphrases don't match. The passphrase is ignored when deleting references to
 // offline and Ledger / HW wallet keys.
 func (kb keyringKeybase) Delete(name, _ string, _ bool) error {
 	// verify we have the proper password before deleting
 	info, err := kb.Get(name)
 	if err != nil {
 		return err
 	}
 	err = kb.db.Remove(string(addrHexKey(info.GetAddress())))
 	if err != nil {
 		return err
 	}
 	err = kb.db.Remove(string(infoKey(name)))
 	if err != nil {
 		return err
 	}
@ -425,59 +293,257 @@ func (kb keyringKeybase) Delete(name, _ string, _ bool) error {
 	return nil
 }
-// SupportedAlgos returns a list of supported signing algorithms.
+func (ks keystore) Sign(uid string, msg []byte) ([]byte, tmcrypto.PubKey, error) {
-func (kb keyringKeybase) SupportedAlgos() []SigningAlgo {
+	info, err := ks.Key(uid)
 	return kb.base.SupportedAlgos()
 }
 // SupportedAlgosLedger returns a list of supported ledger signing algorithms.
 func (kb keyringKeybase) SupportedAlgosLedger() []SigningAlgo {
 	return kb.base.SupportedAlgosLedger()
 }
 func (kb keyringKeybase) writeLocalKey(name string, priv tmcrypto.PrivKey, algo SigningAlgo) Info {
 	// encrypt private key using keyring
 	pub := priv.PubKey()
 	info := newLocalInfo(name, pub, string(priv.Bytes()), algo)
 	kb.writeInfo(name, info)
 	return info
 }
 func (kb keyringKeybase) writeInfo(name string, info Info) {
 	// write the info by key
 	key := infoKey(name)
 	serializedInfo := marshalInfo(info)
 	err := kb.db.Set(keyring.Item{
 		Key:  string(key),
 		Data: serializedInfo,
 	})
 	if err != nil {
-		panic(err)
+		return nil, nil, err
 	}
-	err = kb.db.Set(keyring.Item{
+	var priv tmcrypto.PrivKey
-		Key:  string(addrHexKey(info.GetAddress())),
+
-		Data: key,
+	switch i := info.(type) {
-	})
+	case localInfo:
-	if err != nil {
+		if i.PrivKeyArmor == "" {
-		panic(err)
+			return nil, nil, fmt.Errorf("private key not available")
 		}
 		priv, err = cryptoAmino.PrivKeyFromBytes([]byte(i.PrivKeyArmor))
 		if err != nil {
 			return nil, nil, err
 		}
 	case ledgerInfo:
 		return SignWithLedger(info, msg)
 	case offlineInfo, multiInfo:
 		return nil, info.GetPubKey(), errors.New("cannot sign with offline keys")
 	}
 	sig, err := priv.Sign(msg)
 	if err != nil {
 		return nil, nil, err
 	}
 	return sig, priv.PubKey(), nil
 }
-func lkbToKeyringConfig(appName, dir string, buf io.Reader, test bool) keyring.Config {
+func (ks keystore) SignByAddress(address sdk.Address, msg []byte) ([]byte, tmcrypto.PubKey, error) {
-	if test {
+	key, err := ks.KeyByAddress(address)
-		return keyring.Config{
+	if err != nil {
-			AllowedBackends: []keyring.BackendType{keyring.FileBackend},
+		return nil, nil, err
-			ServiceName:     appName,
+	}
-			FileDir:         filepath.Join(dir, fmt.Sprintf(testKeyringDirNameFmt, appName)),
+
-			FilePasswordFunc: func(_ string) (string, error) {
+	return ks.Sign(key.GetName(), msg)
-				return "test", nil
+}
-			},
+
 func (ks keystore) SaveLedgerKey(uid string, algo SignatureAlgo, hrp string, coinType, account, index uint32) (Info, error) {
 	if !ks.options.SupportedAlgosLedger.Contains(algo) {
 		return nil, ErrUnsupportedSigningAlgo
 	}
 	hdPath := hd.NewFundraiserParams(account, coinType, index)
 	priv, _, err := crypto.NewPrivKeyLedgerSecp256k1(*hdPath, hrp)
 	if err != nil {
 		return nil, err
 	}
 	return ks.writeLedgerKey(uid, priv.PubKey(), *hdPath, algo.Name())
 }
 func (ks keystore) writeLedgerKey(name string, pub tmcrypto.PubKey, path hd.BIP44Params, algo hd.PubKeyType) (Info, error) {
 	info := newLedgerInfo(name, pub, path, algo)
 	err := ks.writeInfo(info)
 	if err != nil {
 		return nil, err
 	}
 	return info, nil
 }
 func (ks keystore) SaveMultisig(uid string, pubkey tmcrypto.PubKey) (Info, error) {
 	return ks.writeMultisigKey(uid, pubkey)
 }
 func (ks keystore) SavePubKey(uid string, pubkey tmcrypto.PubKey, algo hd.PubKeyType) (Info, error) {
 	return ks.writeOfflineKey(uid, pubkey, algo)
 }
 func (ks keystore) DeleteByAddress(address sdk.Address) error {
 	info, err := ks.KeyByAddress(address)
 	if err != nil {
 		return err
 	}
 	err = ks.Delete(info.GetName())
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (ks keystore) Delete(uid string) error {
 	info, err := ks.Key(uid)
 	if err != nil {
 		return err
 	}
 	err = ks.db.Remove(addrHexKeyAsString(info.GetAddress()))
 	if err != nil {
 		return err
 	}
 	err = ks.db.Remove(string(infoKey(uid)))
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (ks keystore) KeyByAddress(address sdk.Address) (Info, error) {
 	ik, err := ks.db.Get(addrHexKeyAsString(address))
 	if err != nil {
 		return nil, err
 	}
 	if len(ik.Data) == 0 {
 		return nil, fmt.Errorf("key with address %s not found", address)
 	}
 	bs, err := ks.db.Get(string(ik.Data))
 	if err != nil {
 		return nil, err
 	}
 	return unmarshalInfo(bs.Data)
 }
 func (ks keystore) List() ([]Info, error) {
 	var res []Info
 	keys, err := ks.db.Keys()
 	if err != nil {
 		return nil, err
 	}
 	sort.Strings(keys)
 	for _, key := range keys {
 		if strings.HasSuffix(key, infoSuffix) {
 			rawInfo, err := ks.db.Get(key)
 			if err != nil {
 				return nil, err
 			}
 			if len(rawInfo.Data) == 0 {
 				return nil, sdkerrors.Wrap(sdkerrors.ErrKeyNotFound, key)
 			}
 			info, err := unmarshalInfo(rawInfo.Data)
 			if err != nil {
 				return nil, err
 			}
 			res = append(res, info)
 		}
 	}
 	return res, nil
 }
 func (ks keystore) NewMnemonic(uid string, language Language, hdPath string, algo SignatureAlgo) (Info, string, error) {
 	if language != English {
 		return nil, "", ErrUnsupportedLanguage
 	}
 	if !ks.isSupportedSigningAlgo(algo) {
 		return nil, "", ErrUnsupportedSigningAlgo
 	}
 	// Default number of words (24): This generates a mnemonic directly from the
 	// number of words by reading system entropy.
 	entropy, err := bip39.NewEntropy(defaultEntropySize)
 	if err != nil {
 		return nil, "", err
 	}
 	mnemonic, err := bip39.NewMnemonic(entropy)
 	if err != nil {
 		return nil, "", err
 	}
 	info, err := ks.NewAccount(uid, mnemonic, DefaultBIP39Passphrase, hdPath, algo)
 	if err != nil {
 		return nil, "", err
 	}
 	return info, mnemonic, err
 }
 func (ks keystore) NewAccount(uid string, mnemonic string, bip39Passphrase string, hdPath string, algo SignatureAlgo) (Info, error) {
 	if !ks.isSupportedSigningAlgo(algo) {
 		return nil, ErrUnsupportedSigningAlgo
 	}
 	// create master key and derive first key for keyring
 	derivedPriv, err := algo.Derive()(mnemonic, bip39Passphrase, hdPath)
 	if err != nil {
 		return nil, err
 	}
 	privKey := algo.Generate()(derivedPriv)
 	return ks.writeLocalKey(uid, privKey, algo.Name())
 }
 func (ks keystore) isSupportedSigningAlgo(algo SignatureAlgo) bool {
 	return ks.options.SupportedAlgos.Contains(algo)
 }
 func (ks keystore) Key(uid string) (Info, error) {
 	key := infoKey(uid)
 	bs, err := ks.db.Get(string(key))
 	if err != nil {
 		return nil, err
 	}
 	if len(bs.Data) == 0 {
 		return nil, sdkerrors.Wrap(sdkerrors.ErrKeyNotFound, uid)
 	}
 	return unmarshalInfo(bs.Data)
 }
 // SignWithLedger signs a binary message with the ledger device referenced by an Info object
 // and returns the signed bytes and the public key. It returns an error if the device could
 // not be queried or it returned an error.
 func SignWithLedger(info Info, msg []byte) (sig []byte, pub tmcrypto.PubKey, err error) {
 	switch info.(type) {
 	case *ledgerInfo, ledgerInfo:
 	default:
 		return nil, nil, errors.New("not a ledger object")
 	}
 	path, err := info.GetPath()
 	if err != nil {
 		return
 	}
 	priv, err := crypto.NewPrivKeyLedgerSecp256k1Unsafe(*path)
 	if err != nil {
 		return
 	}
 	sig, err = priv.Sign(msg)
 	if err != nil {
 		return nil, nil, err
 	}
 	return sig, priv.PubKey(), nil
 }
 func newOSBackendKeyringConfig(appName, dir string, buf io.Reader) keyring.Config {
 	return keyring.Config{
 		ServiceName:      appName,
 		FileDir:          dir,
@ -485,6 +551,17 @@ func lkbToKeyringConfig(appName, dir string, buf io.Reader, test bool) keyring.C
 	}
 }
 func newTestBackendKeyringConfig(appName, dir string) keyring.Config {
 	return keyring.Config{
 		AllowedBackends: []keyring.BackendType{keyring.FileBackend},
 		ServiceName:     appName,
 		FileDir:         filepath.Join(dir, keyringTestDirName),
 		FilePasswordFunc: func(_ string) (string, error) {
 			return "test", nil
 		},
 	}
 }
 func newKWalletBackendKeyringConfig(appName, _ string, _ io.Reader) keyring.Config {
 	return keyring.Config{
 		AllowedBackends: []keyring.BackendType{keyring.KWalletBackend},
@ -494,7 +571,7 @@ func newKWalletBackendKeyringConfig(appName, _ string, _ io.Reader) keyring.Conf
 	}
 }
-func newPassBackendKeyringConfig(appName, dir string, _ io.Reader) keyring.Config {
+func newPassBackendKeyringConfig(appName, _ string, _ io.Reader) keyring.Config {
 	prefix := fmt.Sprintf(passKeyringPrefix, appName)
 	return keyring.Config{
 		AllowedBackends: []keyring.BackendType{keyring.PassBackend},
@ -504,7 +581,7 @@ func newPassBackendKeyringConfig(appName, dir string, _ io.Reader) keyring.Confi
 }
 func newFileBackendKeyringConfig(name, dir string, buf io.Reader) keyring.Config {
-	fileDir := filepath.Join(dir, fmt.Sprintf(keyringDirNameFmt, name))
+	fileDir := filepath.Join(dir, keyringFileDirName)
 	return keyring.Config{
 		AllowedBackends:  []keyring.BackendType{keyring.FileBackend},
 		ServiceName:      name,
@ -586,6 +663,88 @@ func newRealPrompt(dir string, buf io.Reader) func(string) (string, error) {
 	}
 }
-func addrHexKey(address types.AccAddress) []byte {
+func (ks keystore) writeLocalKey(name string, priv tmcrypto.PrivKey, algo hd.PubKeyType) (Info, error) {
-	return []byte(fmt.Sprintf("%s.%s", hex.EncodeToString(address.Bytes()), addressSuffix))
+	// encrypt private key using keyring
 	pub := priv.PubKey()
 	info := newLocalInfo(name, pub, string(priv.Bytes()), algo)
 	err := ks.writeInfo(info)
 	if err != nil {
 		return nil, err
 	}
 	return info, nil
 }
 func (ks keystore) writeInfo(info Info) error {
 	// write the info by key
 	key := infoKey(info.GetName())
 	serializedInfo := marshalInfo(info)
 	exists, err := ks.existsInDb(info)
 	if exists {
 		return fmt.Errorf("public key already exist in keybase")
 	}
 	if err != nil {
 		return err
 	}
 	err = ks.db.Set(keyring.Item{
 		Key:  string(key),
 		Data: serializedInfo,
 	})
 	if err != nil {
 		return err
 	}
 	err = ks.db.Set(keyring.Item{
 		Key:  addrHexKeyAsString(info.GetAddress()),
 		Data: key,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (ks keystore) existsInDb(info Info) (bool, error) {
 	if _, err := ks.db.Get(addrHexKeyAsString(info.GetAddress())); err == nil {
 		return true, nil // address lookup succeeds - info exists
 	} else if err != keyring.ErrKeyNotFound {
 		return false, err // received unexpected error - returns error
 	}
 	if _, err := ks.db.Get(string(infoKey(info.GetName()))); err == nil {
 		return true, nil // uid lookup succeeds - info exists
 	} else if err != keyring.ErrKeyNotFound {
 		return false, err // received unexpected error - returns
 	}
 	// both lookups failed, info does not exist
 	return false, nil
 }
 func (ks keystore) writeOfflineKey(name string, pub tmcrypto.PubKey, algo hd.PubKeyType) (Info, error) {
 	info := newOfflineInfo(name, pub, algo)
 	err := ks.writeInfo(info)
 	if err != nil {
 		return nil, err
 	}
 	return info, nil
 }
 func (ks keystore) writeMultisigKey(name string, pub tmcrypto.PubKey) (Info, error) {
 	info := NewMultiInfo(name, pub)
 	err := ks.writeInfo(info)
 	if err != nil {
 		return nil, err
 	}
 	return info, nil
 }
 func addrHexKeyAsString(address sdk.Address) string {
 	return fmt.Sprintf("%s.%s", hex.EncodeToString(address.Bytes()), addressSuffix)
 }
--- a/crypto/keyring/keyring_ledger_test.go
+++ b/crypto/keyring/keyring_ledger_test.go
@ -0,0 +1,128 @@
 //+build ledger test_ledger_mock
 package keyring
 import (
 	"bytes"
 	"testing"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/tests"
 	"github.com/cosmos/cosmos-sdk/types"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 	"github.com/stretchr/testify/require"
 )
 func TestInMemoryCreateLedger(t *testing.T) {
 	kb := NewInMemory()
 	ledger, err := kb.SaveLedgerKey("some_account", hd.Secp256k1, "cosmos", 118, 3, 1)
 	if err != nil {
 		require.Error(t, err)
 		require.Equal(t, "ledger nano S: support for ledger devices is not available in this executable", err.Error())
 		require.Nil(t, ledger)
 		t.Skip("ledger nano S: support for ledger devices is not available in this executable")
 		return
 	}
 	// The mock is available, check that the address is correct
 	pubKey := ledger.GetPubKey()
 	pk, err := sdk.Bech32ifyPubKey(sdk.Bech32PubKeyTypeAccPub, pubKey)
 	require.NoError(t, err)
 	require.Equal(t, "cosmospub1addwnpepqdszcr95mrqqs8lw099aa9h8h906zmet22pmwe9vquzcgvnm93eqygufdlv", pk)
 	// Check that restoring the key gets the same results
 	restoredKey, err := kb.Key("some_account")
 	require.NoError(t, err)
 	require.NotNil(t, restoredKey)
 	require.Equal(t, "some_account", restoredKey.GetName())
 	require.Equal(t, TypeLedger, restoredKey.GetType())
 	pubKey = restoredKey.GetPubKey()
 	pk, err = sdk.Bech32ifyPubKey(sdk.Bech32PubKeyTypeAccPub, pubKey)
 	require.NoError(t, err)
 	require.Equal(t, "cosmospub1addwnpepqdszcr95mrqqs8lw099aa9h8h906zmet22pmwe9vquzcgvnm93eqygufdlv", pk)
 	path, err := restoredKey.GetPath()
 	require.NoError(t, err)
 	require.Equal(t, "44'/118'/3'/0/1", path.String())
 }
 // TestSignVerify does some detailed checks on how we sign and validate
 // signatures
 func TestSignVerifyKeyRingWithLedger(t *testing.T) {
 	dir, cleanup := tests.NewTestCaseDir(t)
 	t.Cleanup(cleanup)
 	kb, err := New("keybasename", "test", dir, nil)
 	require.NoError(t, err)
 	i1, err := kb.SaveLedgerKey("key", hd.Secp256k1, "cosmos", 118, 0, 0)
 	if err != nil {
 		require.Equal(t, "ledger nano S: support for ledger devices is not available in this executable", err.Error())
 		t.Skip("ledger nano S: support for ledger devices is not available in this executable")
 		return
 	}
 	require.Equal(t, "key", i1.GetName())
 	d1 := []byte("my first message")
 	s1, pub1, err := kb.Sign("key", d1)
 	require.NoError(t, err)
 	s2, pub2, err := SignWithLedger(i1, d1)
 	require.NoError(t, err)
 	require.True(t, pub1.Equals(pub2))
 	require.True(t, bytes.Equal(s1, s2))
 	require.Equal(t, i1.GetPubKey(), pub1)
 	require.Equal(t, i1.GetPubKey(), pub2)
 	require.True(t, pub1.VerifyBytes(d1, s1))
 	require.True(t, i1.GetPubKey().VerifyBytes(d1, s1))
 	require.True(t, bytes.Equal(s1, s2))
 	localInfo, _, err := kb.NewMnemonic("test", English, types.FullFundraiserPath, hd.Secp256k1)
 	require.NoError(t, err)
 	_, _, err = SignWithLedger(localInfo, d1)
 	require.Error(t, err)
 	require.Equal(t, "not a ledger object", err.Error())
 }
 func TestAltKeyring_SaveLedgerKey(t *testing.T) {
 	dir, clean := tests.NewTestCaseDir(t)
 	t.Cleanup(clean)
 	keyring, err := New(t.Name(), BackendTest, dir, nil)
 	require.NoError(t, err)
 	// Test unsupported Algo
 	_, err = keyring.SaveLedgerKey("key", notSupportedAlgo{}, "cosmos", 118, 0, 0)
 	require.EqualError(t, err, ErrUnsupportedSigningAlgo.Error())
 	ledger, err := keyring.SaveLedgerKey("some_account", hd.Secp256k1, "cosmos", 118, 3, 1)
 	if err != nil {
 		require.Equal(t, "ledger nano S: support for ledger devices is not available in this executable", err.Error())
 		t.Skip("ledger nano S: support for ledger devices is not available in this executable")
 		return
 	}
 	// The mock is available, check that the address is correct
 	require.Equal(t, "some_account", ledger.GetName())
 	pubKey := ledger.GetPubKey()
 	pk, err := sdk.Bech32ifyPubKey(sdk.Bech32PubKeyTypeAccPub, pubKey)
 	require.NoError(t, err)
 	require.Equal(t, "cosmospub1addwnpepqdszcr95mrqqs8lw099aa9h8h906zmet22pmwe9vquzcgvnm93eqygufdlv", pk)
 	// Check that restoring the key gets the same results
 	restoredKey, err := keyring.Key("some_account")
 	require.NoError(t, err)
 	require.NotNil(t, restoredKey)
 	require.Equal(t, "some_account", restoredKey.GetName())
 	require.Equal(t, TypeLedger, restoredKey.GetType())
 	pubKey = restoredKey.GetPubKey()
 	pk, err = sdk.Bech32ifyPubKey(sdk.Bech32PubKeyTypeAccPub, pubKey)
 	require.NoError(t, err)
 	require.Equal(t, "cosmospub1addwnpepqdszcr95mrqqs8lw099aa9h8h906zmet22pmwe9vquzcgvnm93eqygufdlv", pk)
 	path, err := restoredKey.GetPath()
 	require.NoError(t, err)
 	require.Equal(t, "44'/118'/3'/0/1", path.String())
 }
--- a/crypto/keyring/keyring_test.go
+++ b/crypto/keyring/keyring_test.go
--- a/crypto/keyring/legacy.go
+++ b/crypto/keyring/legacy.go
@ -2,6 +2,7 @@ package keyring
 import (
 	"fmt"
 	"io"
 	"strings"
 	"github.com/pkg/errors"
@ -179,10 +180,53 @@ func (kb dbKeybase) ExportPrivKey(name string, decryptPassphrase string,
 }
 // Close the underlying storage.
-func (kb dbKeybase) Close() error {
+func (kb dbKeybase) Close() error { return kb.db.Close() }
-	return kb.db.Close()
+
 func infoKey(name string) []byte { return []byte(fmt.Sprintf("%s.%s", name, infoSuffix)) }
 // InfoImporter is implemented by those types that want to provide functions necessary
 // to migrate keys from LegacyKeybase types to Keyring types.
 type InfoImporter interface {
 	// Import imports ASCII-armored private keys.
 	Import(uid string, armor string) error
 }
-func infoKey(name string) []byte {
+type keyringMigrator struct {
-	return []byte(fmt.Sprintf("%s.%s", name, infoSuffix))
+	kr keystore
 }
 func NewInfoImporter(
 	appName, backend, rootDir string, userInput io.Reader, opts ...Option,
 ) (InfoImporter, error) {
 	keyring, err := New(appName, backend, rootDir, userInput, opts...)
 	if err != nil {
 		return keyringMigrator{}, err
 	}
 	kr := keyring.(keystore)
 	return keyringMigrator{kr}, nil
 }
 func (m keyringMigrator) Import(uid string, armor string) error {
 	_, err := m.kr.Key(uid)
 	if err == nil {
 		return fmt.Errorf("cannot overwrite key %q", uid)
 	}
 	infoBytes, err := crypto.UnarmorInfoBytes(armor)
 	if err != nil {
 		return err
 	}
 	info, err := unmarshalInfo(infoBytes)
 	if err != nil {
 		return err
 	}
 	return m.kr.writeInfo(info)
 }
 // KeybaseOption overrides options for the db.
 type KeybaseOption func(*kbOptions)
 type kbOptions struct {
 }
--- a/crypto/keyring/legacy_test.go
+++ b/crypto/keyring/legacy_test.go
@ -1,6 +1,7 @@
 package keyring_test
 import (
 	"io"
 	"path/filepath"
 	"testing"
@ -38,7 +39,21 @@ func TestLegacyKeybase(t *testing.T) {
 	require.NoError(t, err)
 	require.NotEmpty(t, armor)
 	_, err = kb.ExportPrivKey(keys[0].GetName(), "12345678", "12345678")
 	require.Error(t, err)
 	armoredInfo, err := kb.Export(keys[0].GetName())
 	require.NoError(t, err)
 	require.NotEmpty(t, armoredInfo)
 	importer, err := keyring.NewInfoImporter("cosmos", "memory", "", nil)
 	require.NoError(t, err)
 	err = importer.Import("test", "")
 	require.Error(t, err)
 	require.Equal(t, io.EOF, err)
 	require.NoError(t, importer.Import("test", armoredInfo))
 	err = importer.Import("test", armoredInfo)
 	require.Error(t, err)
 	require.Equal(t, `public key already exist in keybase`, err.Error())
 }
--- a/crypto/keyring/options.go
+++ b/crypto/keyring/options.go
@ -1,39 +0,0 @@
 package keyring
 // KeybaseOption overrides options for the db
 type KeybaseOption func(*kbOptions)
 type kbOptions struct {
 	keygenFunc           PrivKeyGenFunc
 	deriveFunc           DeriveKeyFunc
 	supportedAlgos       []SigningAlgo
 	supportedAlgosLedger []SigningAlgo
 }
 // WithKeygenFunc applies an overridden key generation function to generate the private key.
 func WithKeygenFunc(f PrivKeyGenFunc) KeybaseOption {
 	return func(o *kbOptions) {
 		o.keygenFunc = f
 	}
 }
 // WithDeriveFunc applies an overridden key derivation function to generate the private key.
 func WithDeriveFunc(f DeriveKeyFunc) KeybaseOption {
 	return func(o *kbOptions) {
 		o.deriveFunc = f
 	}
 }
 // WithSupportedAlgos defines the list of accepted SigningAlgos.
 func WithSupportedAlgos(algos []SigningAlgo) KeybaseOption {
 	return func(o *kbOptions) {
 		o.supportedAlgos = algos
 	}
 }
 // WithSupportedAlgosLedger defines the list of accepted SigningAlgos compatible with Ledger.
 func WithSupportedAlgosLedger(algos []SigningAlgo) KeybaseOption {
 	return func(o *kbOptions) {
 		o.supportedAlgosLedger = algos
 	}
 }
--- a/crypto/keyring/signing_algorithms.go
+++ b/crypto/keyring/signing_algorithms.go
@ -1,26 +1,33 @@
 package keyring
-// SigningAlgo defines an algorithm to derive key-pairs which can be used for cryptographic signing.
+import (
-type SigningAlgo string
+	"fmt"
-const (
+	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	// MultiAlgo implies that a pubkey is a multisignature
 	MultiAlgo = SigningAlgo("multi")
 	// Secp256k1 uses the Bitcoin secp256k1 ECDSA parameters.
 	Secp256k1 = SigningAlgo("secp256k1")
 	// Ed25519 represents the Ed25519 signature system.
 	// It is currently not supported for end-user keys (wallets/ledgers).
 	Ed25519 = SigningAlgo("ed25519")
 	// Sr25519 represents the Sr25519 signature system.
 	Sr25519 = SigningAlgo("sr25519")
 )
-// IsSupportedAlgorithm returns whether the signing algorithm is in the passed-in list of supported algorithms.
+type SignatureAlgo interface {
-func IsSupportedAlgorithm(supported []SigningAlgo, algo SigningAlgo) bool {
+	Name() hd.PubKeyType
-	for _, supportedAlgo := range supported {
+	Derive() hd.DeriveFn
-		if algo == supportedAlgo {
+	Generate() hd.GenerateFn
 }
 func NewSigningAlgoFromString(str string) (SignatureAlgo, error) {
 	if str != string(hd.Secp256k1.Name()) {
 		return nil, fmt.Errorf("provided algorithm `%s` is not supported", str)
 	}
 	return hd.Secp256k1, nil
 }
 type SigningAlgoList []SignatureAlgo
 func (l SigningAlgoList) Contains(algo SignatureAlgo) bool {
 	for _, cAlgo := range l {
 		if cAlgo.Name() == algo.Name() {
 			return true
 		}
 	}
 	return false
 }
--- a/crypto/keyring/signing_algorithms_test.go
+++ b/crypto/keyring/signing_algorithms_test.go
@ -0,0 +1,71 @@
 package keyring
 import (
 	"fmt"
 	"testing"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 )
 func TestNewSigningAlgoByString(t *testing.T) {
 	tests := []struct {
 		name         string
 		algoStr      string
 		isSupported  bool
 		expectedAlgo SignatureAlgo
 		expectedErr  error
 	}{
 		{
 			"supported algorithm",
 			"secp256k1",
 			true,
 			hd.Secp256k1,
 			nil,
 		},
 		{
 			"not supported",
 			"notsupportedalgo",
 			false,
 			nil,
 			fmt.Errorf("provided algorithm `notsupportedalgo` is not supported"),
 		},
 	}
 	for _, tt := range tests {
 		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
 			algorithm, err := NewSigningAlgoFromString(tt.algoStr)
 			if tt.isSupported {
 				require.Equal(t, hd.Secp256k1, algorithm)
 			} else {
 				require.EqualError(t, err, tt.expectedErr.Error())
 			}
 		})
 	}
 }
 func TestAltSigningAlgoList_Contains(t *testing.T) {
 	list := SigningAlgoList{
 		hd.Secp256k1,
 	}
 	assert.True(t, list.Contains(hd.Secp256k1))
 	assert.False(t, list.Contains(notSupportedAlgo{}))
 }
 type notSupportedAlgo struct {
 }
 func (n notSupportedAlgo) Name() hd.PubKeyType {
 	return "notSupported"
 }
 func (n notSupportedAlgo) Derive() hd.DeriveFn {
 	return hd.Secp256k1.Derive()
 }
 func (n notSupportedAlgo) Generate() hd.GenerateFn {
 	return hd.Secp256k1.Generate()
 }
--- a/crypto/keyring/types.go
+++ b/crypto/keyring/types.go
@ -1,6 +1,10 @@
 package keyring
-import "github.com/tendermint/tendermint/crypto"
+import (
 	"github.com/tendermint/tendermint/crypto"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 )
 // Language is a language to create the BIP 39 mnemonic in.
 // Currently, only english is supported though.
@ -62,7 +66,7 @@ func (kt KeyType) String() string {
 type (
 	// DeriveKeyFunc defines the function to derive a new key from a seed and hd path
-	DeriveKeyFunc func(mnemonic string, bip39Passphrase, hdPath string, algo SigningAlgo) ([]byte, error)
+	DeriveKeyFunc func(mnemonic string, bip39Passphrase, hdPath string, algo hd.PubKeyType) ([]byte, error)
 	// PrivKeyGenFunc defines the function to convert derived key bytes to a tendermint private key
-	PrivKeyGenFunc func(bz []byte, algo SigningAlgo) (crypto.PrivKey, error)
+	PrivKeyGenFunc func(bz []byte, algo hd.PubKeyType) (crypto.PrivKey, error)
 )
--- a/crypto/keyring/types_test.go
+++ b/crypto/keyring/types_test.go
@ -7,7 +7,7 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/tendermint/tendermint/crypto/secp256k1"
-	"github.com/cosmos/cosmos-sdk/crypto/keys/hd"
+	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 )
@ -16,7 +16,7 @@ func Test_writeReadLedgerInfo(t *testing.T) {
 	bz, _ := hex.DecodeString("035AD6810A47F073553FF30D2FCC7E0D3B1C0B74B61A1AAA2582344037151E143A")
 	copy(tmpKey[:], bz)
-	lInfo := newLedgerInfo("some_name", tmpKey, *hd.NewFundraiserParams(5, sdk.CoinType, 1), Secp256k1)
+	lInfo := newLedgerInfo("some_name", tmpKey, *hd.NewFundraiserParams(5, sdk.CoinType, 1), hd.Secp256k1Type)
 	assert.Equal(t, TypeLedger, lInfo.GetType())
 	path, err := lInfo.GetPath()
--- a/crypto/ledger_mock.go
+++ b/crypto/ledger_mock.go
@ -14,7 +14,7 @@ import (
 	bip39 "github.com/cosmos/go-bip39"
-	"github.com/cosmos/cosmos-sdk/crypto/keys/hd"
+	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/tests"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 )
--- a/crypto/ledger_secp256k1.go
+++ b/crypto/ledger_secp256k1.go
@ -11,7 +11,7 @@ import (
 	tmcrypto "github.com/tendermint/tendermint/crypto"
 	tmsecp256k1 "github.com/tendermint/tendermint/crypto/secp256k1"
-	"github.com/cosmos/cosmos-sdk/crypto/keys/hd"
+	"github.com/cosmos/cosmos-sdk/crypto/hd"
 )
 var (
--- a/crypto/ledger_test.go
+++ b/crypto/ledger_test.go
@ -9,7 +9,7 @@ import (
 	tmcrypto "github.com/tendermint/tendermint/crypto"
 	cryptoAmino "github.com/tendermint/tendermint/crypto/encoding/amino"
-	"github.com/cosmos/cosmos-sdk/crypto/keys/hd"
+	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/tests"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 )
--- a/server/init.go
+++ b/server/init.go
@ -3,7 +3,9 @@ package server
 import (
 	"fmt"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	"github.com/cosmos/cosmos-sdk/types"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 )
@ -11,31 +13,39 @@ import (
 // GenerateCoinKey returns the address of a public key, along with the secret
 // phrase to recover the private key.
 func GenerateCoinKey() (sdk.AccAddress, string, error) {
 	// generate a private key, with recovery phrase
-	info, secret, err := keyring.NewInMemory().CreateMnemonic(
+	info, secret, err := keyring.NewInMemory().NewMnemonic("name", keyring.English, types.FullFundraiserPath, hd.Secp256k1)
 		"name", keyring.English, "pass", keyring.Secp256k1)
 	if err != nil {
 		return sdk.AccAddress([]byte{}), "", err
 	}
-	addr := info.GetPubKey().Address()
+	return sdk.AccAddress(info.GetPubKey().Address()), secret, nil
 	return sdk.AccAddress(addr), secret, nil
 }
 // GenerateSaveCoinKey returns the address of a public key, along with the secret
 // phrase to recover the private key.
-func GenerateSaveCoinKey(keybase keyring.Keybase, keyName, keyPass string, overwrite bool) (sdk.AccAddress, string, error) {
+func GenerateSaveCoinKey(keybase keyring.Keyring, keyName, keyPass string, overwrite bool) (sdk.AccAddress, string, error) {
 	exists := false
 	_, err := keybase.Key(keyName)
 	if err == nil {
 		exists = true
 	}
 	// ensure no overwrite
-	if !overwrite {
+	if !overwrite && exists {
-		_, err := keybase.Get(keyName)
+		return sdk.AccAddress([]byte{}), "", fmt.Errorf(
-		if err == nil {
+			"key already exists, overwrite is disabled")
 			return sdk.AccAddress([]byte{}), "", fmt.Errorf(
 				"key already exists, overwrite is disabled")
 		}
 	}
 	// generate a private key, with recovery phrase
-	info, secret, err := keybase.CreateMnemonic(keyName, keyring.English, keyPass, keyring.Secp256k1)
+	if exists {
 		err = keybase.Delete(keyName)
 		if err != nil {
 			return sdk.AccAddress([]byte{}), "", fmt.Errorf(
 				"failed to overwrite key")
 		}
 	}
 	info, secret, err := keybase.NewMnemonic(keyName, keyring.English, types.FullFundraiserPath, hd.Secp256k1)
 	if err != nil {
 		return sdk.AccAddress([]byte{}), "", err
 	}
--- a/server/init_test.go
+++ b/server/init_test.go
@ -5,9 +5,11 @@ import (
 	"github.com/stretchr/testify/require"
 	"github.com/cosmos/cosmos-sdk/crypto/hd"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	"github.com/cosmos/cosmos-sdk/server"
 	"github.com/cosmos/cosmos-sdk/tests"
 	"github.com/cosmos/cosmos-sdk/types"
 )
 func TestGenerateCoinKey(t *testing.T) {
@ -16,7 +18,7 @@ func TestGenerateCoinKey(t *testing.T) {
 	require.NoError(t, err)
 	// Test creation
-	info, err := keyring.NewInMemory().CreateAccount("xxx", mnemonic, "", "012345678", keyring.CreateHDPath(0, 0).String(), keyring.Secp256k1)
+	info, err := keyring.NewInMemory().NewAccount("xxx", mnemonic, "", hd.NewFundraiserParams(0, types.GetConfig().GetCoinType(), 0).String(), hd.Secp256k1)
 	require.NoError(t, err)
 	require.Equal(t, addr, info.GetAddress())
 }
@ -26,19 +28,19 @@ func TestGenerateSaveCoinKey(t *testing.T) {
 	dir, cleanup := tests.NewTestCaseDir(t)
 	t.Cleanup(cleanup)
-	kb, err := keyring.NewKeyring(t.Name(), "test", dir, nil)
+	kb, err := keyring.New(t.Name(), "test", dir, nil)
 	require.NoError(t, err)
 	addr, mnemonic, err := server.GenerateSaveCoinKey(kb, "keyname", "012345678", false)
 	require.NoError(t, err)
 	// Test key was actually saved
-	info, err := kb.Get("keyname")
+	info, err := kb.Key("keyname")
 	require.NoError(t, err)
 	require.Equal(t, addr, info.GetAddress())
 	// Test in-memory recovery
-	info, err = keyring.NewInMemory().CreateAccount("xxx", mnemonic, "", "012345678", keyring.CreateHDPath(0, 0).String(), keyring.Secp256k1)
+	info, err = keyring.NewInMemory().NewAccount("xxx", mnemonic, "", hd.NewFundraiserParams(0, types.GetConfig().GetCoinType(), 0).String(), hd.Secp256k1)
 	require.NoError(t, err)
 	require.Equal(t, addr, info.GetAddress())
 }
@ -48,7 +50,7 @@ func TestGenerateSaveCoinKeyOverwriteFlag(t *testing.T) {
 	dir, cleanup := tests.NewTestCaseDir(t)
 	t.Cleanup(cleanup)
-	kb, err := keyring.NewKeyring(t.Name(), "test", dir, nil)
+	kb, err := keyring.New(t.Name(), "test", dir, nil)
 	require.NoError(t, err)
 	keyname := "justakey"
--- a/x/auth/client/cli/tx_multisign.go
+++ b/x/auth/client/cli/tx_multisign.go
@ -65,13 +65,13 @@ func makeMultiSignCmd(cdc *codec.Codec) func(cmd *cobra.Command, args []string)
 		}
 		inBuf := bufio.NewReader(cmd.InOrStdin())
-		kb, err := keyring.NewKeyring(sdk.KeyringServiceName(),
+		kb, err := keyring.New(sdk.KeyringServiceName(),
 			viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), inBuf)
 		if err != nil {
 			return
 		}
-		multisigInfo, err := kb.Get(args[1])
+		multisigInfo, err := kb.Key(args[1])
 		if err != nil {
 			return
 		}
--- a/x/auth/client/tx.go
+++ b/x/auth/client/tx.go
@ -97,7 +97,7 @@ func CompleteAndBroadcastTxCLI(txBldr authtypes.TxBuilder, cliCtx context.CLICon
 		_, _ = fmt.Fprintf(os.Stderr, "%s\n\n", json)
 		buf := bufio.NewReader(os.Stdin)
-		ok, err := input.GetConfirmation("confirm transaction before signing and broadcasting", buf)
+		ok, err := input.GetConfirmation("confirm transaction before signing and broadcasting", buf, os.Stderr)
 		if err != nil || !ok {
 			_, _ = fmt.Fprintf(os.Stderr, "%s\n", "cancelled transaction")
 			return err
@ -184,7 +184,7 @@ func SignStdTx(
 	var signedStdTx authtypes.StdTx
-	info, err := txBldr.Keybase().Get(name)
+	info, err := txBldr.Keybase().Key(name)
 	if err != nil {
 		return signedStdTx, err
 	}
--- a/x/auth/types/params_test.go
+++ b/x/auth/types/params_test.go
@ -4,8 +4,9 @@ import (
 	"fmt"
 	"testing"
 	"github.com/cosmos/cosmos-sdk/x/auth/types"
 	"github.com/stretchr/testify/require"
 	"github.com/cosmos/cosmos-sdk/x/auth/types"
 )
 func TestParamsEqual(t *testing.T) {
--- a/x/auth/types/txbuilder.go
+++ b/x/auth/types/txbuilder.go
@ -17,7 +17,7 @@ import (
 // TxBuilder implements a transaction context created in SDK modules.
 type TxBuilder struct {
 	txEncoder          sdk.TxEncoder
-	keybase            keyring.Keybase
+	keybase            keyring.Keyring
 	accountNumber      uint64
 	sequence           uint64
 	gas                uint64
@ -53,7 +53,7 @@ func NewTxBuilder(
 // NewTxBuilderFromCLI returns a new initialized TxBuilder with parameters from
 // the command line using Viper.
 func NewTxBuilderFromCLI(input io.Reader) TxBuilder {
-	kb, err := keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), input)
+	kb, err := keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), input)
 	if err != nil {
 		panic(err)
 	}
@ -90,7 +90,7 @@ func (bldr TxBuilder) Gas() uint64 { return bldr.gas }
 func (bldr TxBuilder) GasAdjustment() float64 { return bldr.gasAdjustment }
 // Keybase returns the keybase
-func (bldr TxBuilder) Keybase() keyring.Keybase { return bldr.keybase }
+func (bldr TxBuilder) Keybase() keyring.Keyring { return bldr.keybase }
 // SimulateAndExecute returns the option to simulate and then execute the transaction
 // using the gas from the simulation results
@ -149,7 +149,7 @@ func (bldr TxBuilder) WithGasPrices(gasPrices string) TxBuilder {
 }
 // WithKeybase returns a copy of the context with updated keybase.
-func (bldr TxBuilder) WithKeybase(keybase keyring.Keybase) TxBuilder {
+func (bldr TxBuilder) WithKeybase(keybase keyring.Keyring) TxBuilder {
 	bldr.keybase = keybase
 	return bldr
 }
@ -272,17 +272,17 @@ func (bldr TxBuilder) SignStdTx(name, passphrase string, stdTx StdTx, appendSig
 }
 // MakeSignature builds a StdSignature given keybase, key name, passphrase, and a StdSignMsg.
-func MakeSignature(keybase keyring.Keybase, name, passphrase string,
+func MakeSignature(keybase keyring.Keyring, name, passphrase string,
 	msg StdSignMsg) (sig StdSignature, err error) {
 	if keybase == nil {
-		keybase, err = keyring.NewKeyring(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), os.Stdin)
+		keybase, err = keyring.New(sdk.KeyringServiceName(), viper.GetString(flags.FlagKeyringBackend), viper.GetString(flags.FlagHome), os.Stdin)
 		if err != nil {
 			return
 		}
 	}
-	sigBytes, pubkey, err := keybase.Sign(name, passphrase, msg.Bytes())
+	sigBytes, pubkey, err := keybase.Sign(name, msg.Bytes())
 	if err != nil {
 		return
 	}
--- a/x/genutil/client/cli/gentx.go
+++ b/x/genutil/client/cli/gentx.go
@ -93,14 +93,14 @@ func GenTxCmd(ctx *server.Context, cdc *codec.Codec, mbm module.BasicManager, sm
 			}
 			inBuf := bufio.NewReader(cmd.InOrStdin())
-			kb, err := keyring.NewKeyring(sdk.KeyringServiceName(),
+			kb, err := keyring.New(sdk.KeyringServiceName(),
 				viper.GetString(flags.FlagKeyringBackend), viper.GetString(flagClientHome), inBuf)
 			if err != nil {
 				return errors.Wrap(err, "failed to initialize keybase")
 			}
 			name := viper.GetString(flags.FlagName)
-			key, err := kb.Get(name)
+			key, err := kb.Key(name)
 			if err != nil {
 				return errors.Wrap(err, "failed to read from keybase")
 			}