Struct Ecdsa

Source
pub struct Ecdsa {
    host_url: String,
}
Expand description

A threshold ECDSA implementation that allows distributed key generation and signing.

This struct provides methods for:

  • Distributed key generation among multiple parties
  • Threshold signing with a subset of parties
  • Key derivation using BIP-32 paths
  • Secret share management and refresh operations
  • Private key import/export functionality

Fields§

§host_url: String

Implementations§

Source§

impl Ecdsa

Source

pub fn new(host_url: String) -> Self

Creates a new ECDSA instance with the specified host URL.

Source

pub fn with_default_host() -> Self

Creates a new ECDSA instance using the default production host URL.

Source

pub fn init_keygen(&self) -> Result<(KeygenId, KeygenPrivateKey), SodotError>

Initializes the key generation process by creating a keygen ID and private key.

Source

pub async fn create_room( &self, num_parties: NonZeroU16, api_key: &str, ) -> Result<RoomUUID, SodotError>

Creates a room for coordinating multi-party computation protocols.

Source

pub async fn keygen( &self, room_uuid: &RoomUUID, num_parties: NonZeroU16, threshold: NonZeroU16, keygen_init_keypair: &KeygenPrivateKey, keygen_ids: &[KeygenId], ) -> Result<(EcdsaPublicKey, EcdsaSecretShare), SodotError>

Generates a threshold ECDSA key.

Multiple parties collaborate to create a shared public key and individual secret shares. The resulting public key can be used for verification, while the secret shares are required for threshold signing.

Source

pub async fn sign( &self, room_uuid: &RoomUUID, secret_share: &EcdsaSecretShare, message_hash: &MessageHash, derivation_path: &[u32], ) -> Result<EcdsaSignature, SodotError>

Signs a message using the threshold ECDSA scheme.

A subset of parties (at least the threshold) collaborate to generate a valid ECDSA signature for a given message hash. The signature can be verified against the public key generated during keygen.

Source

pub fn derive_pubkey( &self, secret_share: &EcdsaSecretShare, derivation_path: &[u32], ) -> Result<EcdsaPublicKey, SodotError>

Derives a public key using a BIP-32 non-hardened derivation path.

Derives child public keys from a secret share without needing additional threshold operations. Follows the BIP-32 standard for hierarchical deterministic key derivation.

Source

pub fn get_xpub( &self, secret_share: &EcdsaSecretShare, ) -> Result<EcdsaExtendedPublicKey, SodotError>

Returns a base58-encoded extended public key (Xpub) derived from a secret share.

The returned Xpub follows the BIP-32 standard and can be used with third-party libraries or with the derive_pubkey_from_xpub method for additional key derivations.

Source

pub fn derive_pubkey_from_xpub( &self, xpub: &EcdsaExtendedPublicKey, derivation_path: &[u32], ) -> Result<EcdsaPublicKey, SodotError>

Derives a public key from an extended public key (Xpub) using a BIP-32 derivation path.

Derive child public keys from an extended public key without needing access to the original secret share. Useful for watch-only wallets and key management systems.

Source

pub fn derive_private_key_from_xpriv( &self, xpriv: &EcdsaExtendedPrivateKey, derivation_path: &[u32], ) -> Result<[u8; 32], SodotError>

Derives a private key from an extended private key (xpriv) using a BIP-32 derivation path.

Derives child private keys from an extended private key following the BIP-32 hierarchical deterministic key derivation standard.

Source

pub async fn refresh( &self, room_uuid: &RoomUUID, secret_share: &EcdsaSecretShare, ) -> Result<(EcdsaPublicKey, EcdsaSecretShare), SodotError>

Refreshes the secret material of all parties without changing the public key.

Generates fresh randomness for the secret shares while maintaining the same public key, improving security against long-term attacks. All parties must participate.

Important: Delete the input secret_share only after confirming all parties have successfully stored their new secret shares.

Source

pub async fn reshare_new_party( &self, room_uuid: &RoomUUID, new_threshold: NonZeroU16, keygen_private_key: &KeygenPrivateKey, keygen_ids: &[KeygenId], ) -> Result<(EcdsaPublicKey, EcdsaSecretShare), SodotError>

Receives a key share for a new party in a reshared quorum.

Warning: Key resharing is an advanced feature. Consult with the Sodot team before using it, as incorrect usage might compromise private key security.

Allows a new party to join an existing threshold scheme by participating in a reshare protocol with existing parties.

Source

pub async fn reshare_remaining_party( &self, room_uuid: &RoomUUID, new_threshold: NonZeroU16, secret_share: &EcdsaSecretShare, keygen_ids: &[KeygenId], ) -> Result<(EcdsaPublicKey, EcdsaSecretShare), SodotError>

Receives a new key share for a remaining party in a reshared quorum.

Warning: Key resharing is an advanced feature. Consult with the Sodot team before using it, as incorrect usage might compromise private key security.

Allows an existing party to participate in a reshare protocol to create a new threshold scheme configuration.

Source

pub fn export_id( &self, secret_share: &EcdsaSecretShare, ) -> Result<KeygenId, SodotError>

Extracts the KeygenID from a secret share.

Useful for reshare operations and private key export/import operations to identify parties in the threshold scheme.

Source

pub async fn export_full_private_key( &self, room_uuid: &RoomUUID, secret_share: &EcdsaSecretShare, export_to: &KeygenId, ) -> Result<Option<EcdsaExtendedPrivateKey>, SodotError>

Combines multiple secret shares to export the full private key to a designated party.

Requires at least a threshold number of parties to participate. The full private key will only be revealed to the party specified by export_to. Returns Some(String) with the full private key (xpriv) if the current party is the designated receiver, None otherwise.

Source

pub fn offline_export_full_private_key( &self, secret_shares: &[EcdsaSecretShare], ) -> Result<EcdsaExtendedPrivateKey, SodotError>

Locally reconstructs the full private key from a threshold number of secret shares.

Designed for offline recovery scenarios where secret shares are collected manually. Does not require network communication and can be used to recover the private key when threshold signing is not possible.

Source

pub async fn import_private_key_recipient( &self, room_uuid: &RoomUUID, threshold: NonZeroU16, keygen_init_keypair: &KeygenPrivateKey, keygen_ids: &[KeygenId], ) -> Result<(EcdsaPublicKey, EcdsaSecretShare), SodotError>

Participates as a recipient in a private key import operation.

Warning: Private key import is an advanced feature. Consult with the Sodot team before using it, as incorrect usage might compromise security.

Allows a party to participate as a recipient in importing an external private key into a threshold scheme. The private key holder will distribute shares of their key to all recipients.

Source

pub async fn import_private_key_importer( &self, room_uuid: &RoomUUID, threshold: NonZeroU16, private_key: &[u8; 32], keygen_init_keypair: &KeygenPrivateKey, keygen_ids: &[KeygenId], ) -> Result<(EcdsaPublicKey, EcdsaSecretShare), SodotError>

Participates as the importing party in a private key import operation.

Warning: Private key import is an advanced feature. Consult with the Sodot team before using it, as incorrect usage might compromise security.

Allows a party that holds a private key to import it into a threshold scheme by distributing shares to other parties. The private key will be split among all participants.

Trait Implementations§

Source§

impl Clone for Ecdsa

Source§

fn clone(&self) -> Ecdsa

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Ecdsa

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl PartialEq for Ecdsa

Source§

fn eq(&self, other: &Ecdsa) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Scheme for Ecdsa

Source§

fn new(host_url: String) -> Self

Creates a new instance of the scheme with the specified host URL.
Source§

fn host_url(&self) -> &str

Returns the host URL configured for this scheme instance.
Source§

fn with_default_host() -> Self
where Self: Sized,

Creates a new scheme instance using the default production host URL. Read more
Source§

fn init_keygen(&self) -> Result<(KeygenId, KeygenPrivateKey), SodotError>

Initializes the key generation process by creating a keygen ID and private key. Read more
Source§

fn create_room( &self, num_parties: NonZeroU16, api_key: &str, ) -> impl Future<Output = Result<RoomUUID, SodotError>>

Creates a room for coordinating multi-party computation protocols. Read more
Source§

impl Eq for Ecdsa

Source§

impl StructuralPartialEq for Ecdsa

Auto Trait Implementations§

§

impl Freeze for Ecdsa

§

impl RefUnwindSafe for Ecdsa

§

impl Send for Ecdsa

§

impl Sync for Ecdsa

§

impl Unpin for Ecdsa

§

impl UnwindSafe for Ecdsa

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.