@Override
 public DeterministicKeyChain toDecrypted(KeyParameter aesKey) {
   checkState(getKeyCrypter() != null, "Key chain not encrypted");
   checkState(seed != null, "Can't decrypt a watching chain");
   checkState(seed.isEncrypted());
   String passphrase = DEFAULT_PASSPHRASE_FOR_MNEMONIC; // FIXME allow non-empty passphrase
   DeterministicSeed decSeed = seed.decrypt(getKeyCrypter(), passphrase, aesKey);
   DeterministicKeyChain chain = new DeterministicKeyChain(decSeed);
   // Now double check that the keys match to catch the case where the key is wrong but padding
   // didn't catch it.
   if (!chain.getWatchingKey().getPubKeyPoint().equals(getWatchingKey().getPubKeyPoint()))
     throw new KeyCrypterException("Provided AES key is wrong");
   chain.lookaheadSize = lookaheadSize;
   // Now copy the (pubkey only) leaf keys across to avoid rederiving them. The private key bytes
   // are missing
   // anyway so there's nothing to decrypt.
   for (ECKey eckey : basicKeyChain.getKeys()) {
     DeterministicKey key = (DeterministicKey) eckey;
     if (key.getPath().size() != 3) continue; // Not a leaf key.
     checkState(key.isEncrypted());
     DeterministicKey parent =
         chain.hierarchy.get(checkNotNull(key.getParent()).getPath(), false, false);
     // Clone the key to the new decrypted hierarchy.
     key = new DeterministicKey(key.getPubOnly(), parent);
     chain.hierarchy.putKey(key);
     chain.basicKeyChain.importKey(key);
   }
   chain.issuedExternalKeys = issuedExternalKeys;
   chain.issuedInternalKeys = issuedInternalKeys;
   return chain;
 }
 public DeterministicKey encrypt(
     KeyCrypter keyCrypter, KeyParameter aesKey, @Nullable DeterministicKey newParent)
     throws KeyCrypterException {
   // Same as the parent code, except we construct a DeterministicKey instead of an ECKey.
   checkNotNull(keyCrypter);
   if (newParent != null) checkArgument(newParent.isEncrypted());
   final byte[] privKeyBytes = getPrivKeyBytes();
   checkState(privKeyBytes != null, "Private key is not available");
   EncryptedData encryptedPrivateKey = keyCrypter.encrypt(privKeyBytes, aesKey);
   DeterministicKey key =
       new DeterministicKey(
           childNumberPath, chainCode, keyCrypter, pub, encryptedPrivateKey, newParent);
   if (newParent == null) key.setCreationTimeSeconds(getCreationTimeSeconds());
   return key;
 }
 /**
  * A deterministic key is considered to be encrypted if it has access to encrypted private key
  * bytes, OR if its parent does. The reason is because the parent would be encrypted under the
  * same key and this key knows how to rederive its own private key bytes from the parent, if
  * needed.
  */
 @Override
 public boolean isEncrypted() {
   return priv == null && (super.isEncrypted() || (parent != null && parent.isEncrypted()));
 }