pub struct Ed25519 {
host_url: String,
}Expand description
A threshold Ed25519 implementation that allows distributed key generation and signing.
This struct provides methods for:
- Distributed key generation among multiple parties using threshold cryptography
- Threshold signing with Ed25519 signatures using BIP-32 compatible derivation
- Key derivation using BIP-32 non-hardened derivation paths (numeric-based)
- Secret share management, refresh, and reshare operations
- Private key import/export functionality for recovery scenarios
Ed25519 is a high-performance elliptic curve signature scheme that offers:
- Fast signature generation and verification
- Small signature size (64 bytes) and public key size (32 bytes)
- Strong security properties with resistance to side-channel attacks
- Deterministic signatures (no randomness required during signing)
- Wide adoption in modern cryptographic applications
Unlike ECDSA, Ed25519 uses a different elliptic curve (Curve25519) and does not require careful handling of randomness during signing, making it more robust against implementation errors.
Note: This implementation uses Sodot’s custom extended key format (Spub/Spriv) since there’s no standardized format for Ed25519 extended keys like BIP-32.
Fields§
§host_url: StringImplementations§
Source§impl Ed25519
impl Ed25519
Sourcepub fn with_default_host() -> Self
pub fn with_default_host() -> Self
Creates a new Ed25519 instance using the default production host URL.
This is a convenience method that creates an instance configured to use the default Sodot production relay server.
§Returns
A new Ed25519 instance configured with the default host URL.
Sourcepub fn init_keygen(&self) -> Result<(KeygenId, KeygenPrivateKey), SodotError>
pub fn init_keygen(&self) -> Result<(KeygenId, KeygenPrivateKey), SodotError>
Initializes the key generation process by creating a keygen ID and private key.
This method generates the initial cryptographic material needed to participate in multi-party key generation protocols.
§Returns
A Result containing a tuple of (KeygenId, KeygenPrivateKey)
§Errors
Returns a SodotError if the key generation initialization fails.
Sourcepub async fn create_room(
&self,
num_parties: NonZeroU16,
api_key: &str,
) -> Result<RoomUUID, SodotError>
pub async fn create_room( &self, num_parties: NonZeroU16, api_key: &str, ) -> Result<RoomUUID, SodotError>
Sourcepub async fn keygen(
&self,
room_uuid: &RoomUUID,
num_parties: NonZeroU16,
threshold: NonZeroU16,
keygen_init_keypair: &KeygenPrivateKey,
keygen_ids: &[KeygenId],
) -> Result<(Ed25519PublicKey, Ed25519SecretShare), SodotError>
pub async fn keygen( &self, room_uuid: &RoomUUID, num_parties: NonZeroU16, threshold: NonZeroU16, keygen_init_keypair: &KeygenPrivateKey, keygen_ids: &[KeygenId], ) -> Result<(Ed25519PublicKey, Ed25519SecretShare), SodotError>
Generates a threshold Ed25519 key using distributed key generation.
Multiple parties collaborate to create a shared public key and individual secret shares. The resulting public key can be used for verification, while the secret shares are required for threshold signing.
Sourcepub async fn sign(
&self,
room_uuid: &RoomUUID,
secret_share: &Ed25519SecretShare,
message: &[u8],
derivation_path: &[u32],
) -> Result<[u8; 64], SodotError>
pub async fn sign( &self, room_uuid: &RoomUUID, secret_share: &Ed25519SecretShare, message: &[u8], derivation_path: &[u32], ) -> Result<[u8; 64], SodotError>
Signs a message using the threshold Ed25519 scheme.
A subset of parties (at least the threshold) collaborate to generate a valid Ed25519 signature for a given message. The signature can be verified against the public key generated during keygen.
Sourcepub fn derive_pubkey(
&self,
secret_share: &Ed25519SecretShare,
derivation_path: &[u32],
) -> Result<Ed25519PublicKey, SodotError>
pub fn derive_pubkey( &self, secret_share: &Ed25519SecretShare, derivation_path: &[u32], ) -> Result<Ed25519PublicKey, SodotError>
Derives an Ed25519 public key using a BIP-32 non-hardened derivation path.
Derives child public keys from a secret share without needing additional threshold operations. Follows the BIP-32 standard for hierarchical deterministic key derivation.
Sourcepub fn get_spub(
&self,
secret_share: &Ed25519SecretShare,
) -> Result<Ed25519ExtendedPublicKey, SodotError>
pub fn get_spub( &self, secret_share: &Ed25519SecretShare, ) -> Result<Ed25519ExtendedPublicKey, SodotError>
Returns a base58-encoded extended public key (Spub) derived from a secret share.
The returned Spub follows Sodot’s custom extended key format and can be used with
the derive_pubkey_from_spub method for additional key derivations.
Sourcepub fn derive_pubkey_from_spub(
&self,
spub: &Ed25519ExtendedPublicKey,
derivation_path: &[u32],
) -> Result<Ed25519PublicKey, SodotError>
pub fn derive_pubkey_from_spub( &self, spub: &Ed25519ExtendedPublicKey, derivation_path: &[u32], ) -> Result<Ed25519PublicKey, SodotError>
Derives an Ed25519 public key from an extended public key (Spub) using a BIP-32 derivation path.
Derive child public keys from an extended public key without needing access to the original secret share. Useful for watch-only wallets and key management systems.
Sourcepub fn derive_private_key_from_spriv(
&self,
spriv: &Ed25519ExtendedPrivateKey,
derivation_path: &[u32],
) -> Result<[u8; 32], SodotError>
pub fn derive_private_key_from_spriv( &self, spriv: &Ed25519ExtendedPrivateKey, derivation_path: &[u32], ) -> Result<[u8; 32], SodotError>
Derives a private key from an extended private key (spriv) using a BIP-32 derivation path.
Derives child private keys from an extended private key following the BIP-32 hierarchical deterministic key derivation standard.
Sourcepub async fn refresh(
&self,
room_uuid: &RoomUUID,
secret_share: &Ed25519SecretShare,
) -> Result<(Ed25519PublicKey, Ed25519SecretShare), SodotError>
pub async fn refresh( &self, room_uuid: &RoomUUID, secret_share: &Ed25519SecretShare, ) -> Result<(Ed25519PublicKey, Ed25519SecretShare), SodotError>
Refreshes the secret material of all parties without changing the public key.
Generates fresh randomness for the secret shares while maintaining the same public key, improving security against long-term attacks. All parties must participate.
Important: Delete the input secret_share only after confirming all parties
have successfully stored their new secret shares.
Receives a key share for a new party in a reshared quorum.
Warning: Key resharing is an advanced feature. Consult with the Sodot team before using it, as incorrect usage might compromise private key security.
Allows a new party to join an existing threshold scheme by participating in a reshare protocol with existing parties.
Receives a key share for an existing party in a reshared quorum.
Warning: Key resharing is an advanced feature. Consult with the Sodot team before using it, as incorrect usage might compromise private key security.
Allows an existing party to participate in a reshare protocol to create a new threshold scheme configuration.
Sourcepub fn export_id(
&self,
secret_share: &Ed25519SecretShare,
) -> Result<KeygenId, SodotError>
pub fn export_id( &self, secret_share: &Ed25519SecretShare, ) -> Result<KeygenId, SodotError>
Extracts the KeygenID from a secret share.
Useful for reshare operations and private key export/import operations to identify parties in the threshold scheme.
Sourcepub async fn export_full_private_key(
&self,
room_uuid: &RoomUUID,
secret_share: &Ed25519SecretShare,
export_to: &KeygenId,
) -> Result<Option<Ed25519ExtendedPrivateKey>, SodotError>
pub async fn export_full_private_key( &self, room_uuid: &RoomUUID, secret_share: &Ed25519SecretShare, export_to: &KeygenId, ) -> Result<Option<Ed25519ExtendedPrivateKey>, SodotError>
Combines multiple secret shares to export the full private key to a designated party.
Requires at least a threshold number of parties to participate. The full private key
will only be revealed to the party specified by export_to. Returns Some(String)
with the full private key if the current party is the designated receiver,
None otherwise.
Sourcepub fn offline_export_full_private_key(
&self,
secret_shares: &[Ed25519SecretShare],
) -> Result<Ed25519ExtendedPrivateKey, SodotError>
pub fn offline_export_full_private_key( &self, secret_shares: &[Ed25519SecretShare], ) -> Result<Ed25519ExtendedPrivateKey, SodotError>
Locally reconstructs the full private key from a threshold number of secret shares.
Designed for offline recovery scenarios where secret shares are collected manually. Does not require network communication and can be used to recover the private key when threshold signing is not possible.
Sourcepub async fn import_private_key_recipient(
&self,
room_uuid: &RoomUUID,
threshold: NonZeroU16,
keygen_init_keypair: &KeygenPrivateKey,
keygen_ids: &[KeygenId],
) -> Result<(Ed25519PublicKey, Ed25519SecretShare), SodotError>
pub async fn import_private_key_recipient( &self, room_uuid: &RoomUUID, threshold: NonZeroU16, keygen_init_keypair: &KeygenPrivateKey, keygen_ids: &[KeygenId], ) -> Result<(Ed25519PublicKey, Ed25519SecretShare), SodotError>
Receives threshold shares of an imported private key as a recipient party.
Warning: Private key import is an advanced feature. Consult with the Sodot team before using it, as incorrect usage might compromise security.
Allows a party to participate as a recipient in importing an external private key into a threshold scheme. The private key holder will distribute shares of their key to all recipients.
Sourcepub async fn import_private_key_importer(
&self,
room_uuid: &RoomUUID,
threshold: NonZeroU16,
private_key: FullPrivateKey,
keygen_init_keypair: &KeygenPrivateKey,
keygen_ids: &[KeygenId],
) -> Result<(Ed25519PublicKey, Ed25519SecretShare), SodotError>
pub async fn import_private_key_importer( &self, room_uuid: &RoomUUID, threshold: NonZeroU16, private_key: FullPrivateKey, keygen_init_keypair: &KeygenPrivateKey, keygen_ids: &[KeygenId], ) -> Result<(Ed25519PublicKey, Ed25519SecretShare), SodotError>
Imports a private key into a threshold scheme as the importer party.
Warning: Private key import is an advanced feature. Consult with the Sodot team before using it, as incorrect usage might compromise security.
Allows a party that holds a private key to import it into a threshold scheme by distributing shares to other parties. The private key will be split among all participants.