Cluster ExportableEd25519 - Reshare a key share when you are the new party
POST/cluster/exportable-ed25519/reshare/new-party
This API endpoint requires an API Key with at least one of the following Roles: KeysManager
WARNING: Key resharing is an advanced feature of the Sodot MPC Vertex. We strongly advise consulting with the Sodot team before using it, as incorrect usage might lead to the detriment of the private key security. To use this feature correctly, developers using this feature must make sure that at least n - t + 1 parties of the t-of-n signing quorum delete their current shares before using the resharing of the private key. Also, after resharing, the resharing operation must not be considered complete until such deletion has occurred. Since deleting a share cannot be guaranteed cryptographically, it must be guaranteed by the software architecture (hence, by the developers using this API).
Resharing the private key of the t-of-n quorum of signers, the resultant key shares will be of the exact same public key as the previous quorum. Resharing should be used in cases where we aim to modify the current t-of-n quorum with a new quorum with newT-of-newN signers for the same public key.
This is the method that a new party (meaning one that does not currently have a key share) should use for receiving a key share in the new newT-of-newN quorum. The method takes the same input parameters as keygen since for a new party joining the quorum the reshare operation is very similar to a keygen operation. This is a cluster reshare meaning that you reshare from an existing cluster A to a new cluster B, B should contain all the parties from A that participate in the reshare.
Request
Header Parameters
The AUTHORIZATION header must be set to the API Key of the user. The API Key is returned when a new user is created using the /admin/create-user endpoint.
- application/json
Body
required
- HostAddress
The name of the cluster
An optional key name to use for the new key
Possible values: >= 1
relay_address
object
An Optional relay address to use only for this specific MPC operation. If not provided, the default relay address will be used. The relay address should be in the format of host:port.
anyOf
string
Responses
- 200
- 400
- 401
- 404
- 500
- application/json
- Schema
- Example (from schema)
Schema
{
"key_id": "string"
}
- application/json
- Schema
- Example (from schema)
Schema
Possible values: [already_performed_keygen, api_key_not_found, bad_n_and_t_params, bad_request_params, batch_too_large, cant_delete_boot_admin, cluster_already_exists, cluster_not_found, executor_result, failed_to_import_key_share, frozen_key_share, invalid_domain, key_not_found, key_operation_before_keygen, no_backup_private_key, no_backup_public_key, plaintext_backup_disabled, policy_already_exists, policy_in_use_by_keys, policy_in_use_by_users, policy_not_found, policy_validation_failed, room_creation_problem, rule_already_exists, rule_in_use, rule_not_found, rule_not_in_policy, user_already_exists, user_has_associated_keys, user_not_found, vertex_already_exists, vertex_not_found]
{
"err_msg": "string",
"err_type": "already_performed_keygen"
}
- application/json
- Schema
- Example (from schema)
Schema
Possible values: [access_denied, bad_key_permission]
{
"err_msg": "string",
"err_type": "access_denied"
}
- application/json
- Schema
- Example (from schema)
Schema
Possible values: [not_found]
{
"err_msg": "string",
"err_type": "not_found"
}
- application/json
- Schema
- Example (from schema)
Schema
Possible values: [internal_problem]
{
"err_msg": "string",
"err_type": "internal_problem"
}