Skip to main content
Version: 1.6.2

Signing

The Vertex can be used to sign messages or transactions using the Key Shares that it holds. For a t-of-n key, t Key Shares are required to sign a message or transaction, meaning that t parties must be present to sign the message or transaction.

Signing Flow

info

Before the Vertex participates in signing, it will check if there is a Policy attached to the Key Share that is being used for signing. If there is a Policy, the Vertex will send the message data to the Rule Server for evaluation. To view the effective Policy for a Key Share, use the get-effective-key-policy endpoint.

The required parameters for signing are:

  • room_uuid - A Room UUID for this signing operation.
  • key_id - The key_id of the Key Share that will be used to sign the message.
  • derivation_path - The BIP-32 non-hardened derivation path of the key to use for signing.
  • msg - The message that will be signed (hex encoded).
  • (For Ecdsa) hash_algo - The hash algorithm used to hash the message.
  • extra_data - Any extra data (hex encoded) that was sent with the original signing request to help the Rule Server validate the request.

Creating a Room for MPC Key Generation

Each MPC signing operation requires a room to be created. For a t-of-n key t is the required room size. This can be done using the create-room endpoint:

curl -L -X POST 'https://<YOUR_VERTEX>/create-room' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: <USER_API_KEY>' \
--data-raw '{
"room_size": 2
}'

Signing a Message

To sign a message, call the sign endpoint:

curl -L -X POST 'https://<YOUR_VERTEX>/ecdsa/sign' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: <USER_API_KEY>' \
--data-raw '{
"derivation_path": [
44, 66, 0, 0, 0
],
"extra_data": "hex-encoded-extra-data",
"hash_algo": "keccak256",
"key_id": "string",
"msg": "hex-encoded-message",
"room_uuid": "string"
}'

In response a signature will be returned, which can be used to verify the signed message. The signature will be in the format of a hex encoded string for Ed25519, Sr25519 and BIP-340, for Ecdsa see here.