Interface Ed25519SecureKeyHandler

Defines the contract for a secure key handler that manages a single, non-derivable Ed25519 private key.

Implementations of this interface are responsible for keeping the private key secure. In in-memory implementations, the key should be decrypted only for the brief duration of a cryptographic operation, after which it must be securely wiped from memory to minimize exposure.

interface Ed25519SecureKeyHandler {
    getPrivateKey(): Promise<Ed25519PrivateKey>;
    getPublicKey(): Promise<Ed25519PublicKey>;
    serialize(): Promise<Uint8Array>;
    signData(data: string): Promise<{ key: string; signature: string }>;
    signTransaction(transaction: string): Promise<VkeyWitnessSet>;
}

Implemented by

Methods

  • getPrivateKey: Retrieves the securely stored private key.

    Returns Promise<Ed25519PrivateKey>

    A promise that resolves with the private key.

    This operation exposes the private key in memory and should be used with extreme caution. The caller is responsible for securely handling and wiping the key from memory after use.

  • serialize: Serializes the encrypted key data for secure storage. This allows the handler's state to be saved and later restored.

    Returns Promise<Uint8Array>

    A promise that resolves with the encrypted and serialized key data.

  • signData: Signs arbitrary data using the securely stored Ed25519 private key.

    Parameters

    • data: string

      The hex-encoded data to be signed.

    Returns Promise<{ key: string; signature: string }>

    A promise that resolves with an object containing the signature and the public key.

  • signTransaction: Signs a transaction using the securely stored Ed25519 private key.

    Parameters

    • transaction: string

      The CBOR-encoded transaction hex string to be signed.

    Returns Promise<VkeyWitnessSet>

    A promise that resolves with the VkeyWitnessSet containing the signature.
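
The decrypt-for-one-operation-then-wipe behaviour this interface asks of in-memory implementations, sketched with Node's built-in crypto module. This is an added example, not the library's own code: sealSeed, withSeed and signHex are hypothetical names, and the scrypt plus AES-256-GCM storage format and the hex output encoding are assumptions.

```typescript
import { createCipheriv, createDecipheriv, createPrivateKey, createPublicKey,
  randomBytes, scryptSync, sign } from "node:crypto";

// PKCS#8 DER header that wraps a raw 32-byte Ed25519 seed (RFC 8410).
const PKCS8_PREFIX = Buffer.from("302e020100300506032b657004220420", "hex");

interface SealedSeed { salt: Buffer; iv: Buffer; tag: Buffer; ct: Buffer }

// Encrypt the seed for storage: scrypt-derived key, AES-256-GCM.
function sealSeed(seed: Buffer, passphrase: Buffer): SealedSeed {
  const salt = randomBytes(16), iv = randomBytes(12);
  const kek = scryptSync(passphrase, salt, 32);
  try {
    const c = createCipheriv("aes-256-gcm", kek, iv);
    const ct = Buffer.concat([c.update(seed), c.final()]);
    return { salt, iv, tag: c.getAuthTag(), ct };
  } finally { kek.fill(0); }
}

// Decrypt the seed, hand it to `use`, and zero every JS-side copy afterwards,
// also when `use` throws or the GCM tag check fails (wrong passphrase, tampering).
function withSeed<T>(sealed: SealedSeed, passphrase: Buffer, use: (seed: Buffer) => T): T {
  const kek = scryptSync(passphrase, sealed.salt, 32);
  let seed: Buffer = Buffer.alloc(0);
  try {
    const d = createDecipheriv("aes-256-gcm", kek, sealed.iv).setAuthTag(sealed.tag);
    seed = d.update(sealed.ct); // GCM is a stream mode: all plaintext is here
    d.final();                  // throws unless the authentication tag verifies
    return use(seed);
  } finally { kek.fill(0); seed.fill(0); }
}

// Shaped like signData(): hex in, { key, signature } out (hex output is an assumption).
function signHex(sealed: SealedSeed, passphrase: Buffer, dataHex: string) {
  return withSeed(sealed, passphrase, (seed) => {
    const der = Buffer.concat([PKCS8_PREFIX, seed]);
    try {
      // Node copies the key into a native KeyObject that JS cannot wipe;
      // it is dropped when `priv` goes out of scope and is collected.
      const priv = createPrivateKey({ key: der, format: "der", type: "pkcs8" });
      const spki = createPublicKey(priv).export({ format: "der", type: "spki" });
      return { key: spki.subarray(-32).toString("hex"),
        signature: sign(null, Buffer.from(dataHex, "hex"), priv).toString("hex") };
    } finally { der.fill(0); }
  });
}
```

The passphrase is taken as bytes rather than a string because JavaScript strings are immutable and cannot be zeroed by the caller.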