Table of Contents

Class ExportableEd25519

Namespace
SodotSDK.ExportableEd25519
Assembly
Unity.Temp.dll

Class providing the functionality for the Ed25519 protocol the FROST MPC protocol with an added "export" functionality that should be compatible with other Ed25519 signing libraries. Notice that derivation is not supported by this class as derivation is not standardized in Ed25519-based signing libraries.

public class ExportableEd25519 : Scheme
Inheritance
MonoBehaviour
ExportableEd25519
Inherited Members

Constructors

ExportableEd25519(string)

Initializes a new instance of the ExportableEd25519 class.

public ExportableEd25519(string hostUrl)

Parameters

hostUrl string

The host URL for the MPC server.

Methods

ExportFullPrivateKey(Uuid, ExportableEd25519SecretShare, KeygenId)

Exports the full private key to a single party by combining all of the secret shares.

public Task<string> ExportFullPrivateKey(Uuid uuid, ExportableEd25519SecretShare secretShare, KeygenId keygenId)

Parameters

uuid Uuid

The room UUID.

secretShare ExportableEd25519SecretShare

The secret share.

keygenId KeygenId

The export target keygen ID.

Returns

Task<string>

The exported private key as a hex string.

GetExportId(ExportableEd25519SecretShare)

Gets the export ID from a secret share. The party that expects to receive the private key needs to call this function before ExportFullPrivateKey(Uuid, ExportableEd25519SecretShare, KeygenId). It must then transmit the ID to threshold-1 parties, this can be done in an untrusted channel (as if the parties use different keys this will break) Once the parties have the exportID of the party they want to export the private key to, the party and the threshold-1 participants need to call exportFullPrivatekey with that ID.

public Task<KeygenId> GetExportId(ExportableEd25519SecretShare secretShare)

Parameters

secretShare ExportableEd25519SecretShare

The secret share.

Returns

Task<KeygenId>

The export ID as a KeygenId.

GetPubkey(ExportableEd25519SecretShare)

Returns returns a hex encoded extended public key from a ExportableEd25519SecretShare.

public Task<ExportableEd25519PublicKey> GetPubkey(ExportableEd25519SecretShare secretShare)

Parameters

secretShare ExportableEd25519SecretShare

The secret share.

Returns

Task<ExportableEd25519PublicKey>

The public key as an ExportableEd25519PublicKey.

ImportPrivateKeyImporter(Uuid, ushort, string, KeygenSecret, KeygenId[])

Imports a private key for an importer in a threshold scheme. WARNING: Private key import is an advanced feature of the SDK. We strongly advise consulting with the Sodot team before using it, due to a full private key being imported from a different system. Secret shares generated from imported private keys will always have the risk of the private key having been compromised in the past or in the future in case the private key is not deleted after the import operation. Importing a full private key, and sharing into a T-of-N sharing, the resultant key shares will be of the exact same public key as the full private key. This is the method that an importing party (meaning one the party in possesion of the private key) should use for receiving a key share in the new T-of-N quorum.

public Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)> ImportPrivateKeyImporter(Uuid uuid, ushort threshold, string privateKeyHex, KeygenSecret keygenSecret, KeygenId[] keygenIds)

Parameters

uuid Uuid

The room UUID.

threshold ushort

The threshold for the key share.

privateKeyHex string

The private key as a hex string.

keygenSecret KeygenSecret

A KeygenSecret returned from InitKeygen.

keygenIds KeygenId[]

The keygen IDs of the parties.

Returns

Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)>

The public key and secret share.

ImportPrivateKeyRecipient(Uuid, ushort, KeygenSecret, KeygenId[])

Imports a private key for a recipient in a threshold scheme. WARNING: Private key import is an advanced feature of the SDK. We strongly advise consulting with the Sodot team before using it, due to a full private key being imported from a different system. Secret shares generated from imported private keys will always have the risk of the private key having been compromised in the past or in the future in case the private key is not deleted after the import operation. Importing a full private key, and sharing into a T-of-N sharing, the resultant key shares will be of the exact same public key as the full private key. This is the method that a new party (meaning one that does not currently have the private key) should use for receiving a key share in the new T-of-N quorum. The method takes the same input parameters as keygen since for a new party joining the quorum the import operation is very similar to a keygen operation.

public Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)> ImportPrivateKeyRecipient(Uuid uuid, ushort threshold, KeygenSecret keygenSecret, KeygenId[] keygenIds)

Parameters

uuid Uuid

The room UUID.

threshold ushort

The threshold for the key share.

keygenSecret KeygenSecret

A KeygenSecret returned from InitKeygen.

keygenIds KeygenId[]

The keygen IDs of the parties.

Returns

Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)>

The public key and secret share.

OfflineExportFullPrivateKey(ExportableEd25519SecretShare[])

Receives as input an array of ExportableEd25519SecretShare and locally computes the full private key (spriv). The main use case for this function is in an offline recovery setting where keygen results are collected manually and used to recover the full private key on an air-gapped server/device.

public Task<string> OfflineExportFullPrivateKey(ExportableEd25519SecretShare[] secretShares)

Parameters

secretShares ExportableEd25519SecretShare[]

The secret shares to combine.

Returns

Task<string>

The combined private key as a hex string.

ReceiveKey(Uuid, ushort, ushort, KeygenSecret, KeygenId[])

Receives a key for the party that will receive the private key. This method should be called by parties that will NOT export their private key.

public Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)> ReceiveKey(Uuid uuid, ushort numParties, ushort threshold, KeygenSecret keygenSecret, KeygenId[] keygenIds)

Parameters

uuid Uuid

The room UUID.

numParties ushort

Number of parties.

threshold ushort

Threshold value.

keygenSecret KeygenSecret

A KeygenSecret returned from InitKeygen.

keygenIds KeygenId[]

Array of keygen IDs.

Returns

Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)>

The public key and secret share.

Refresh(Uuid, ExportableEd25519SecretShare)

Refreshes the key pair, returning a new public key and secret share. Be careful to delete the ExportableEd25519SecretShare given as input before it is certain that all devices have properly stored the fresh ExportableEd25519SecretShare that is output. Note that the new ExportableEd25519SecretShares may only be used with each other, attempting to use older ExportableEd25519SecretShares with newer ones for signing will result in failure. The motivation for using refresh is to enhance security by switching the secret key material frequently, this means that an adversary will need to compromise multiple devices at the same time in order to compromise the private key.

public Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)> Refresh(Uuid uuid, ExportableEd25519SecretShare secretShare)

Parameters

uuid Uuid

The room UUID.

secretShare ExportableEd25519SecretShare

The current secret share.

Returns

Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)>

The new public key and secret share.

ReshareNewParty(Uuid, ushort, KeygenSecret, KeygenId[])

Reshares the secret key, adding a new party with a new threshold. WARNING: Key resharing is an advanced feature of the SDK. We strongly advise consulting with the Sodot team before using it, as incorrect usage might lead to the detriment of the private key security. To use the feature correctly, developers using this feature must make sure that at least n - t + 1 parties of the t-of-n signing quorum delete their current shares before using the resharing of the private key. Also, after resharing, the resharing operation must not be considered complete until such deletion has occurred. Since deleting a share cannot be guaranteed cryptographically, it must be guaranteed by the software architecture (hence, by the developers using the SDK).

public Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)> ReshareNewParty(Uuid uuid, ushort newThreshold, KeygenSecret keygenSecret, KeygenId[] keygenIds)

Parameters

uuid Uuid

The room UUID.

newThreshold ushort

The new threshold value.

keygenSecret KeygenSecret

A KeygenSecret returned from InitKeygen.

keygenIds KeygenId[]

The keygen IDs of the parties.

Returns

Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)>

The public key and secret share.

ReshareRemainingParty(Uuid, ushort, ExportableEd25519SecretShare, KeygenId[])

Reshares the secret share to a new party with a new threshold. WARNING: Key resharing is an advanced feature of the SDK. We strongly advise consulting with the Sodot team before using it, as incorrect usage might lead to the detriment of the private key security. To use the feature correctly, developers using this feature must make sure that at least n - t + 1 parties of the t-of-n signing quorum delete their current shares before using the resharing of the private key. Also, after resharing, the resharing operation must not be considered complete until such deletion has occurred. Since deleting a share cannot be guaranteed cryptographically, it must be guaranteed by the software architecture (hence, by the developers using the SDK).

public Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)> ReshareRemainingParty(Uuid uuid, ushort newThreshold, ExportableEd25519SecretShare secretShare, KeygenId[] keygenIds)

Parameters

uuid Uuid

The room UUID.

newThreshold ushort

The new threshold value.

secretShare ExportableEd25519SecretShare

The current secret share.

keygenIds KeygenId[]

The keygen IDs of the parties.

Returns

Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)>

The public key and secret share.

SampleKey(Uuid, ushort, ushort, KeygenSecret, KeygenId[])

Starts a distributed key generation for ExportableEd25519.

public Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)> SampleKey(Uuid uuid, ushort numParties, ushort threshold, KeygenSecret keygenSecret, KeygenId[] keygenIds)

Parameters

uuid Uuid

The room UUID.

numParties ushort

Number of parties.

threshold ushort

Threshold value.

keygenSecret KeygenSecret

A KeygenSecret returned from InitKeygen.

keygenIds KeygenId[]

Array of keygen IDs.

Returns

Task<(ExportableEd25519PublicKey, ExportableEd25519SecretShare)>

The public key and secret share.

Sign(Uuid, ExportableEd25519SecretShare, byte[])

Sign a message with ExportableEd25519SecretShare. Notice that unlike ECDSA, in ExportableEd25519 there's no need to hash the message before signing it.

public Task<ExportableEd25519Signature> Sign(Uuid uuid, ExportableEd25519SecretShare secretShare, byte[] msg)

Parameters

uuid Uuid

The room UUID.

secretShare ExportableEd25519SecretShare

The secret share.

msg byte[]

The message to sign.

Returns

Task<ExportableEd25519Signature>

The signature as an ExportableEd25519Signature.