key

package
v1.21.41 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 23, 2025 License: BSD-3-Clause Imports: 49 Imported by: 0

Documentation

Overview

Package key provides hierarchical deterministic key derivation for all key types used in the Lux network: secp256k1 (EC), BLS, Ringtail, and ML-DSA.

Package key implements key manager and helper functions.

Index

Constants

View Source 
const (
	// EnvMnemonic contains a BIP39 mnemonic phrase
	EnvMnemonic = "LUX_MNEMONIC"

	// EnvPrivateKey contains a hex-encoded secp256k1 private key
	EnvPrivateKey = "LUX_PRIVATE_KEY"

	// EnvBLSKey contains a hex-encoded BLS private key
	EnvBLSKey = "LUX_BLS_KEY"

	// EnvKeyPassword for encrypted key files
	EnvKeyPassword = "LUX_KEY_PASSWORD"
)

Environment variable names for key loading

View Source 
const (
	// Key type subdirectories
	ECKeyDir       = "ec"    // secp256k1 keys for transaction signing
	BLSKeyDir      = "bls"   // BLS keys for consensus
	RingtailKeyDir = "rt"    // Ringtail keys for ring signatures
	MLDSAKeyDir    = "mldsa" // ML-DSA keys for post-quantum signatures

	// Key file names
	PrivateKeyFile = "private.key"
	PublicKeyFile  = "public.key"
	MnemonicFile   = "mnemonic.txt"

	// Domain separation strings for HKDF
	DomainEC       = "lux-ec-key"
	DomainBLS      = "lux-bls-key"
	DomainRingtail = "lux-ringtail-key"
	DomainMLDSA    = "lux-mldsa-key"
)
View Source 
const (

	// LocalKeyName is the name of the local development key file
	LocalKeyName = "local-key"
	// LocalKeyPath is the path where the local key is stored
	LocalKeyPath = "~/.lux/keys/" + LocalKeyName + ".pk"
)
View Source 
const LUXCoinType = 9000

LUXCoinType is the BIP-44 coin type for LUX (9000')

View Source 
const SessionTimeout = 15 * time.Minute

SessionTimeout is the default session timeout for unlocked keys

Variables

View Source 
var (
	ErrBackendNotFound     = errors.New("key backend not found")
	ErrBackendNotSupported = errors.New("key backend not supported on this platform")
	ErrBackendUnavailable  = errors.New("key backend unavailable (check hardware/service)")
	ErrSigningCancelled    = errors.New("signing cancelled by user")
	ErrAuthFailed          = errors.New("authentication failed")
	ErrKeyLocked           = errors.New("key is locked, use 'lux key unlock' first")
	ErrKeyNotFound         = errors.New("key not found")
	ErrInvalidPassword     = errors.New("invalid password")
	ErrKeyExists           = errors.New("key already exists")
	ErrNoPassword          = errors.New("password required")
)
View Source 
var (
	ErrKChainUnavailable      = errors.New("kchain: network unavailable")
	ErrInvalidShareConfig     = errors.New("kchain: invalid share configuration")
	ErrInsufficientShares     = errors.New("kchain: insufficient shares for reconstruction")
	ErrValidatorUnreachable   = errors.New("kchain: validator unreachable")
	ErrShareStoreFailed       = errors.New("kchain: failed to store share")
	ErrShareRetrieveFailed    = errors.New("kchain: failed to retrieve share")
	ErrThresholdSigningFailed = errors.New("kchain: threshold signing failed")
	ErrKeyNotDistributed      = errors.New("kchain: key not distributed to validators")
)

K-Chain errors.

View Source 
var (
	ErrWCNotPaired       = errors.New("walletconnect: not paired, scan QR code first")
	ErrWCSessionExpired  = errors.New("walletconnect: session expired")
	ErrWCUserRejected    = errors.New("walletconnect: user rejected request")
	ErrWCTimeout         = errors.New("walletconnect: request timed out")
	ErrWCDisconnected    = errors.New("walletconnect: disconnected from relay")
	ErrWCNoProjectID     = errors.New("walletconnect: project ID required (set LUX_WC_PROJECT_ID)")
	ErrWCInvalidResponse = errors.New("walletconnect: invalid response from wallet")
)
View Source 
var (
	ErrInvalidType = errors.New("invalid type")
	ErrCantSpend   = errors.New("can't spend")
)
View Source 
var (
	ErrInvalidPrivateKey         = errors.New("invalid private key")
	ErrInvalidPrivateKeyLen      = errors.New("invalid private key length (expect 64 bytes in hex)")
	ErrInvalidPrivateKeyEnding   = errors.New("invalid private key ending")
	ErrInvalidPrivateKeyEncoding = errors.New("invalid private key encoding")
)

Functions

func CloseBackends added in v1.21.38 

func CloseBackends()

CloseBackends closes all active backends

func DeleteKeySet added in v1.9.11 

func DeleteKeySet(name string) error

DeleteKeySet removes a key set from the filesystem

func GenerateMnemonic added in v1.9.11 

func GenerateMnemonic() (string, error)

GenerateMnemonic generates a new BIP39 mnemonic phrase

func GetHRP 

func GetHRP(networkID uint32) string

func GetKeysDir added in v1.9.11 

func GetKeysDir() (string, error)

GetKeysDir returns the base directory for all keys

func GetLocalKeyPath added in v1.9.8 

func GetLocalKeyPath() string

GetLocalKeyPath returns the expanded path to the local key file

func GetLocalPrivateKey added in v1.9.8 

func GetLocalPrivateKey() (*secp256k1.PrivateKey, error)

GetLocalPrivateKey returns the secp256k1 private key for local development. It loads from ~/.lux/keys/local-key.pk, generating a new key if needed.

func GetMnemonicFromEnv added in v1.21.39 

func GetMnemonicFromEnv() string

GetMnemonicFromEnv returns the mnemonic from LUX_MNEMONIC environment variable. Returns empty string if not set or invalid.

func GetPasswordFromEnv added in v1.21.38 

func GetPasswordFromEnv() string

GetPasswordFromEnv returns the password from the LUX_KEY_PASSWORD environment variable

func InitializeBackends added in v1.21.38 

func InitializeBackends(ctx context.Context, config BackendConfig) error

InitializeBackends initializes all available backends

func IsKeyLocked added in v1.21.38 

func IsKeyLocked(name string) bool

IsKeyLocked checks if a key is locked using the default backend

func ListKeySets added in v1.9.11 

func ListKeySets() ([]string, error)

ListKeySets lists all available key sets

func LockAllKeys added in v1.21.38 

func LockAllKeys()

LockAllKeys locks all keys across all active backends

func LockKey added in v1.21.38 

func LockKey(name string) error

LockKey locks a key using the default backend

func RegisterBackend added in v1.21.38 

func RegisterBackend(b KeyBackend)

RegisterBackend registers a key backend

func SaveKeySet added in v1.9.11 

func SaveKeySet(keySet *HDKeySet) error

SaveKeySet saves key set through the encrypted backend - never stores plaintext secrets Deprecated: Use the backend system directly instead

func SetDefaultBackend added in v1.21.38 

func SetDefaultBackend(t BackendType) error

SetDefaultBackend sets the default backend type

func SortTransferableInputsWithSigners 

func SortTransferableInputsWithSigners(ins []*lux.TransferableInput, signers [][]ids.ShortID)

SortTransferableInputsWithSigners sorts the inputs and signers based on the input's utxo ID.

This is based off of (generics?): https://github.com/luxfi/node/blob/224c9fd23d41839201dd0275ac864a845de6e93e/vms/components/lux/transferables.go#L202

func UnlockKey added in v1.21.38 

func UnlockKey(name, password string) error

UnlockKey unlocks a key using the default backend

func ValidateMnemonic added in v1.9.11 

func ValidateMnemonic(mnemonic string) bool

ValidateMnemonic validates a BIP39 mnemonic phrase

Types

type AlgorithmInfo added in v1.21.38 

type AlgorithmInfo struct {
	Name             string   `json:"name"`
	Type             string   `json:"type"`          // "signing", "encryption", "key-exchange"
	SecurityLevel    int      `json:"securityLevel"` // bits
	KeySize          int      `json:"keySize,omitempty"`
	SignatureSize    int      `json:"signatureSize,omitempty"`
	PostQuantum      bool     `json:"postQuantum"`
	ThresholdSupport bool     `json:"thresholdSupport"`
	Description      string   `json:"description"`
	Standards        []string `json:"standards,omitempty"` // NIST, IETF, etc.
}

AlgorithmInfo describes a supported signing algorithm.

type BackendConfig added in v1.21.38 

type BackendConfig struct {
	// DataDir is the base directory for key storage
	DataDir string

	// WalletConnectProjectID for WalletConnect backend
	WalletConnectProjectID string

	// ZymbitDevicePath for Zymbit HSM
	ZymbitDevicePath string

	// YubikeyPIN for Yubikey operations
	YubikeyPIN string
}

BackendConfig holds configuration for backend initialization

type BackendType added in v1.21.38 

type BackendType string

BackendType identifies the key storage backend 

const (
	// BackendSoftware is the default encrypted file storage
	BackendSoftware BackendType = "software"

	// BackendKeychain uses macOS Keychain with optional TouchID
	BackendKeychain BackendType = "keychain"

	// BackendSecretService uses Linux Secret Service API (GNOME Keyring, KWallet)
	BackendSecretService BackendType = "secret-service"

	// BackendYubikey uses Yubikey for key storage/signing
	BackendYubikey BackendType = "yubikey"

	// BackendZymbit uses Zymbit HSM (Raspberry Pi hardware security)
	BackendZymbit BackendType = "zymbit"

	// BackendWalletConnect uses mobile wallet for remote signing
	BackendWalletConnect BackendType = "walletconnect"

	// BackendLedger uses Ledger hardware wallet (optional)
	BackendLedger BackendType = "ledger"

	// BackendEnv loads keys from environment variables
	BackendEnv BackendType = "env"
)
const BackendKChain BackendType = "kchain"

BackendKChain is the K-Chain distributed secrets backend type.

type CreateKeyOptions added in v1.21.38 

type CreateKeyOptions struct {
	// Mnemonic is an optional existing mnemonic phrase
	Mnemonic string

	// Password for encryption (software backend)
	Password string

	// UseBiometrics enables TouchID/FaceID on macOS
	UseBiometrics bool

	// YubikeySlot specifies the PIV slot for Yubikey
	YubikeySlot int

	// ImportOnly indicates we're importing, not generating
	ImportOnly bool
}

CreateKeyOptions contains options for key creation

type CreateKeyParams added in v1.21.38 

type CreateKeyParams struct {
	Name        string   `json:"name"`
	Algorithm   string   `json:"algorithm"`           // "bls", "ecdsa-secp256k1", "eddsa-ed25519", "ml-dsa-65"
	KeyType     string   `json:"keyType,omitempty"`   // "signing", "encryption", "both"
	Threshold   int      `json:"threshold,omitempty"` // For distributed keys
	TotalShares int      `json:"totalShares,omitempty"`
	Validators  []string `json:"validators,omitempty"` // Validator addresses for distribution
	Tags        []string `json:"tags,omitempty"`
	Metadata    string   `json:"metadata,omitempty"` // Custom metadata JSON
}

CreateKeyParams contains parameters for creating a key.

type CreateKeyResult added in v1.21.38 

type CreateKeyResult struct {
	Key       KeyMetadata `json:"key"`
	PublicKey string      `json:"publicKey"`
	ShareIDs  []string    `json:"shareIds,omitempty"` // For distributed keys
}

CreateKeyResult contains the result of creating a key.

type DecryptParams added in v1.21.38 

type DecryptParams struct {
	KeyID      string `json:"keyId"`
	Ciphertext string `json:"ciphertext"` // Base64-encoded
	Nonce      string `json:"nonce,omitempty"`
	Tag        string `json:"tag,omitempty"`
	AAD        string `json:"aad,omitempty"`
}

DecryptParams contains parameters for decryption.

type DecryptResult added in v1.21.38 

type DecryptResult struct {
	Plaintext string `json:"plaintext"` // Base64-encoded
}

DecryptResult contains the result of decryption.

type DeleteKeyParams added in v1.21.38 

type DeleteKeyParams struct {
	ID    string `json:"id"`
	Force bool   `json:"force,omitempty"` // Force deletion even if shares exist
}

DeleteKeyParams contains parameters for deleting a key.

type DeleteKeyResult added in v1.21.38 

type DeleteKeyResult struct {
	Success       bool     `json:"success"`
	DeletedShares []string `json:"deletedShares,omitempty"`
}

DeleteKeyResult contains the result of deleting a key.

type DeleteShareParams added in v1.21.38 

type DeleteShareParams struct {
	KeyID       string `json:"keyId"`
	ShareID     string `json:"shareId,omitempty"`
	ValidatorID string `json:"validatorId,omitempty"`
}

DeleteShareParams contains parameters for deleting a share.

type DeleteShareResult added in v1.21.38 

type DeleteShareResult struct {
	Deleted bool   `json:"deleted"`
	Message string `json:"message,omitempty"`
}

DeleteShareResult contains the result of share deletion.

type DistributeKeyParams added in v1.21.38 

type DistributeKeyParams struct {
	KeyID      string   `json:"keyId"`
	Threshold  int      `json:"threshold"`
	TotalParts int      `json:"totalParts"`
	Validators []string `json:"validators"`
}

DistributeKeyParams contains parameters for key distribution.

type DistributeKeyResult added in v1.21.38 

type DistributeKeyResult struct {
	Success        bool     `json:"success"`
	ShareIDs       []string `json:"shareIds"`
	GroupPublicKey string   `json:"groupPublicKey,omitempty"`
}

DistributeKeyResult contains the result of key distribution.

type DistributedKeyInfo added in v1.21.38 

type DistributedKeyInfo struct {
	Name           string      `json:"name"`
	GroupPublicKey []byte      `json:"group_public_key"`
	ShareConfig    ShareConfig `json:"share_config"`
	CreatedAt      int64       `json:"created_at"`
	KeyType        string      `json:"key_type"` // "bls", "ec"
}

DistributedKeyInfo holds metadata about a distributed key.

type EncryptParams added in v1.21.38 

type EncryptParams struct {
	KeyID     string `json:"keyId"`
	Plaintext string `json:"plaintext"`     // Base64-encoded
	AAD       string `json:"aad,omitempty"` // Additional authenticated data
}

EncryptParams contains parameters for encryption.

type EncryptResult added in v1.21.38 

type EncryptResult struct {
	Ciphertext string `json:"ciphertext"` // Base64-encoded
	Nonce      string `json:"nonce,omitempty"`
	Tag        string `json:"tag,omitempty"` // For AEAD
}

EncryptResult contains the result of encryption.

type EncryptedShare added in v1.21.38 

type EncryptedShare struct {
	Index        int    // Share index (1 to N)
	Ciphertext   []byte // ML-KEM ciphertext
	EncryptedKey []byte // AES-GCM encrypted share data
	Nonce        []byte // AES-GCM nonce
	ValidatorID  string // Target validator identifier
}

EncryptedShare holds an ML-KEM encrypted key share.

type EnvBackend added in v1.21.38 

type EnvBackend struct {
	// contains filtered or unexported fields
}

EnvBackend loads keys from environment variables This is useful for CI/CD, containers, and automation

func NewEnvBackend added in v1.21.38 

func NewEnvBackend() *EnvBackend

NewEnvBackend creates an environment variable backend

func (*EnvBackend) Available added in v1.21.38 

func (b *EnvBackend) Available() bool

func (*EnvBackend) Close added in v1.21.38 

func (b *EnvBackend) Close() error

func (*EnvBackend) CreateKey added in v1.21.38 

func (b *EnvBackend) CreateKey(ctx context.Context, name string, opts CreateKeyOptions) (*HDKeySet, error)

func (*EnvBackend) DeleteKey added in v1.21.38 

func (b *EnvBackend) DeleteKey(ctx context.Context, name string) error

func (*EnvBackend) GetKeyChecksum added in v1.21.38 

func (b *EnvBackend) GetKeyChecksum(name string) (string, error)

func (*EnvBackend) Initialize added in v1.21.38 

func (b *EnvBackend) Initialize(ctx context.Context) error

func (*EnvBackend) IsLocked added in v1.21.38 

func (b *EnvBackend) IsLocked(name string) bool

func (*EnvBackend) ListKeys added in v1.21.38 

func (b *EnvBackend) ListKeys(ctx context.Context) ([]KeyInfo, error)

func (*EnvBackend) LoadKey added in v1.21.38 

func (b *EnvBackend) LoadKey(ctx context.Context, name, password string) (*HDKeySet, error)

func (*EnvBackend) Lock added in v1.21.38 

func (b *EnvBackend) Lock(ctx context.Context, name string) error

func (*EnvBackend) Name added in v1.21.38 

func (b *EnvBackend) Name() string

func (*EnvBackend) RequiresHardware added in v1.21.38 

func (b *EnvBackend) RequiresHardware() bool

func (*EnvBackend) RequiresPassword added in v1.21.38 

func (b *EnvBackend) RequiresPassword() bool

func (*EnvBackend) SaveKey added in v1.21.38 

func (b *EnvBackend) SaveKey(ctx context.Context, keySet *HDKeySet, password string) error

func (*EnvBackend) Sign added in v1.21.38 

func (b *EnvBackend) Sign(ctx context.Context, name string, request SignRequest) (*SignResponse, error)

func (*EnvBackend) SupportsRemoteSigning added in v1.21.38 

func (b *EnvBackend) SupportsRemoteSigning() bool

func (*EnvBackend) Type added in v1.21.38 

func (b *EnvBackend) Type() BackendType

func (*EnvBackend) Unlock added in v1.21.38 

func (b *EnvBackend) Unlock(ctx context.Context, name, password string) error

type GatherSharesParams added in v1.21.38 

type GatherSharesParams struct {
	KeyID     string   `json:"keyId"`
	ShareIDs  []string `json:"shareIds,omitempty"` // Optional: specific shares to use
	MinShares int      `json:"minShares,omitempty"`
}

GatherSharesParams contains parameters for gathering shares.

type GatherSharesResult added in v1.21.38 

type GatherSharesResult struct {
	Available int      `json:"available"`
	Required  int      `json:"required"`
	ShareIDs  []string `json:"shareIds"`
	Ready     bool     `json:"ready"`
}

GatherSharesResult contains gathered share information.

type GetKeyByIDParams added in v1.21.38 

type GetKeyByIDParams struct {
	ID string `json:"id"`
}

GetKeyByIDParams contains parameters for getting a key by ID.

type GetKeyByNameParams added in v1.21.38 

type GetKeyByNameParams struct {
	Name string `json:"name"`
}

GetKeyByNameParams contains parameters for getting a key by name.

type GetPublicKeyParams added in v1.21.38 

type GetPublicKeyParams struct {
	KeyID  string `json:"keyId"`
	Format string `json:"format,omitempty"` // "raw", "pem", "der", "jwk"
}

GetPublicKeyParams contains parameters for retrieving a public key.

type GetPublicKeyResult added in v1.21.38 

type GetPublicKeyResult struct {
	PublicKey string `json:"publicKey"`
	Algorithm string `json:"algorithm"`
	Format    string `json:"format"`
}

GetPublicKeyResult contains the public key.

type HDKeySet added in v1.9.11 

type HDKeySet struct {
	Name     string
	Mnemonic string

	// secp256k1 (EC) keys
	ECPrivateKey []byte
	ECPublicKey  []byte
	ECAddress    string // Ethereum-style address (0x...)

	// BLS keys
	BLSPrivateKey []byte
	BLSPublicKey  []byte
	BLSPoP        []byte

	// Ringtail keys
	RingtailPrivateKey []byte
	RingtailPublicKey  []byte

	// ML-DSA keys
	MLDSAPrivateKey []byte
	MLDSAPublicKey  []byte

	// Node identity
	NodeID         string // Node ID derived from staking key
	StakingKeyPEM  []byte // TLS private key for node staking
	StakingCertPEM []byte // TLS certificate for node staking
}

HDKeySet represents a complete set of keys derived from a single seed

func DeriveAllKeys added in v1.9.11 

func DeriveAllKeys(name, mnemonic string) (*HDKeySet, error)

DeriveAllKeys derives all key types from a mnemonic phrase using account index 0

func DeriveAllKeysWithAccount added in v1.21.39 

func DeriveAllKeysWithAccount(name, mnemonic string, accountIndex uint32) (*HDKeySet, error)

DeriveAllKeysWithAccount derives all key types from a mnemonic phrase with a specific account index

func LoadKeySet added in v1.9.11 

func LoadKeySet(name string) (*HDKeySet, error)

LoadKeySet loads keys through the encrypted backend Deprecated: Use the backend system directly instead

func LoadKeySetPublicOnly added in v1.21.39 

func LoadKeySetPublicOnly(name string) (*HDKeySet, error)

LoadKeySetPublicOnly loads only public key information (no password needed)

type HealthResult added in v1.21.38 

type HealthResult struct {
	Healthy    bool             `json:"healthy"`
	Version    string           `json:"version"`
	Uptime     int64            `json:"uptime"` // seconds
	Validators map[string]bool  `json:"validators"`
	Latency    map[string]int64 `json:"latency"` // ms
}

HealthResult contains service health information.

type KChainBackend added in v1.21.38 

type KChainBackend struct {
	// contains filtered or unexported fields
}

KChainBackend implements distributed key storage using threshold cryptography.

func NewKChainBackend added in v1.21.38 

func NewKChainBackend() *KChainBackend

NewKChainBackend creates a new K-Chain distributed secrets backend.

func (*KChainBackend) Available added in v1.21.38 

func (b *KChainBackend) Available() bool

Available checks if this backend is available (connected to K-Chain).

func (*KChainBackend) Close added in v1.21.38 

func (b *KChainBackend) Close() error

Close cleans up resources.

func (*KChainBackend) CreateKey added in v1.21.38 

func (b *KChainBackend) CreateKey(ctx context.Context, name string, opts CreateKeyOptions) (*HDKeySet, error)

CreateKey creates a new distributed key set.

func (*KChainBackend) DeleteKey added in v1.21.38 

func (b *KChainBackend) DeleteKey(ctx context.Context, name string) error

DeleteKey removes distributed shares from validators.

func (*KChainBackend) DistributeBLSKey added in v1.21.38 

func (b *KChainBackend) DistributeBLSKey(ctx context.Context, name string, config ShareConfig) (threshold.PublicKey, error)

DistributeBLSKey distributes a BLS key using threshold BLS scheme.

func (*KChainBackend) DistributeKey added in v1.21.38 

func (b *KChainBackend) DistributeKey(ctx context.Context, name string, keyData []byte, config ShareConfig) error

DistributeKey splits a key into shares and distributes to validators.

func (*KChainBackend) Initialize added in v1.21.38 

func (b *KChainBackend) Initialize(ctx context.Context) error

Initialize sets up the backend and attempts K-Chain connection.

func (*KChainBackend) IsLocked added in v1.21.38 

func (b *KChainBackend) IsLocked(name string) bool

IsLocked returns false; distributed keys are not locked in traditional sense.

func (*KChainBackend) ListKeys added in v1.21.38 

func (b *KChainBackend) ListKeys(ctx context.Context) ([]KeyInfo, error)

ListKeys returns all distributed keys.

func (*KChainBackend) LoadKey added in v1.21.38 

func (b *KChainBackend) LoadKey(ctx context.Context, name, password string) (*HDKeySet, error)

LoadKey loads a distributed key by reconstructing from shares.

func (*KChainBackend) Lock added in v1.21.38 

func (b *KChainBackend) Lock(ctx context.Context, name string) error

Lock is a no-op for distributed keys (always protected by threshold).

func (*KChainBackend) Name added in v1.21.38 

func (b *KChainBackend) Name() string

Name returns a human-readable name.

func (*KChainBackend) ReconstructKey added in v1.21.38 

func (b *KChainBackend) ReconstructKey(ctx context.Context, name string) ([]byte, error)

ReconstructKey gathers K shares and reconstructs the secret.

func (*KChainBackend) RequiresHardware added in v1.21.38 

func (b *KChainBackend) RequiresHardware() bool

RequiresHardware returns false; uses network validators.

func (*KChainBackend) RequiresPassword added in v1.21.38 

func (b *KChainBackend) RequiresPassword() bool

RequiresPassword returns false; keys are protected by threshold distribution.

func (*KChainBackend) SaveKey added in v1.21.38 

func (b *KChainBackend) SaveKey(ctx context.Context, keySet *HDKeySet, password string) error

SaveKey distributes a key set to validators.

func (*KChainBackend) SetEndpoint added in v1.21.38 

func (b *KChainBackend) SetEndpoint(endpoint string)

SetEndpoint configures the K-Chain endpoint.

func (*KChainBackend) Sign added in v1.21.38 

func (b *KChainBackend) Sign(ctx context.Context, name string, request SignRequest) (*SignResponse, error)

Sign performs threshold BLS signing using validators.

func (*KChainBackend) SupportsRemoteSigning added in v1.21.38 

func (b *KChainBackend) SupportsRemoteSigning() bool

SupportsRemoteSigning returns true; signing happens on validators.

func (*KChainBackend) Type added in v1.21.38 

func (b *KChainBackend) Type() BackendType

Type returns the backend type identifier.

func (*KChainBackend) Unlock added in v1.21.38 

func (b *KChainBackend) Unlock(ctx context.Context, name, password string) error

Unlock is a no-op for distributed keys.

type KChainRPCClient added in v1.21.38 

type KChainRPCClient struct {
	// contains filtered or unexported fields
}

KChainRPCClient implements the K-Chain Key Management API.

func NewKChainRPCClient added in v1.21.38 

func NewKChainRPCClient(endpoint string) *KChainRPCClient

NewKChainRPCClient creates a new K-Chain RPC client.

func (*KChainRPCClient) CreateKey added in v1.21.38 

func (c *KChainRPCClient) CreateKey(ctx context.Context, params CreateKeyParams) (*CreateKeyResult, error)

CreateKey creates a new key. POST /keys

func (*KChainRPCClient) Decrypt added in v1.21.38 

func (c *KChainRPCClient) Decrypt(ctx context.Context, params DecryptParams) (*DecryptResult, error)

Decrypt decrypts data using the specified key. POST /keys/{id}/decrypt

func (*KChainRPCClient) DeleteKey added in v1.21.38 

func (c *KChainRPCClient) DeleteKey(ctx context.Context, params DeleteKeyParams) (*DeleteKeyResult, error)

DeleteKey removes a key and its distributed shares. DELETE /keys/{id}

func (*KChainRPCClient) DeleteShare added in v1.21.38 

func (c *KChainRPCClient) DeleteShare(ctx context.Context, params DeleteShareParams) (*DeleteShareResult, error)

DeleteShare deletes a share from a validator.

func (*KChainRPCClient) DistributeKey added in v1.21.38 

func (c *KChainRPCClient) DistributeKey(ctx context.Context, params DistributeKeyParams) (*DistributeKeyResult, error)

DistributeKey distributes a key to validators using threshold sharing.

func (*KChainRPCClient) Encrypt added in v1.21.38 

func (c *KChainRPCClient) Encrypt(ctx context.Context, params EncryptParams) (*EncryptResult, error)

Encrypt encrypts data using the specified key. POST /keys/{id}/encrypt

func (*KChainRPCClient) GatherShares added in v1.21.38 

func (c *KChainRPCClient) GatherShares(ctx context.Context, params GatherSharesParams) (*GatherSharesResult, error)

GatherShares checks availability of key shares.

func (*KChainRPCClient) GetKeyByID added in v1.21.38 

func (c *KChainRPCClient) GetKeyByID(ctx context.Context, id string) (*KeyMetadata, error)

GetKeyByID retrieves a key by its unique ID. GET /keys/{id}

func (*KChainRPCClient) GetKeyByName added in v1.21.38 

func (c *KChainRPCClient) GetKeyByName(ctx context.Context, name string) (*KeyMetadata, error)

GetKeyByName retrieves a key by its name. GET /keys/name/{name}

func (*KChainRPCClient) GetPublicKey added in v1.21.38 

func (c *KChainRPCClient) GetPublicKey(ctx context.Context, params GetPublicKeyParams) (*GetPublicKeyResult, error)

GetPublicKey retrieves the public key for a key ID. GET /keys/{id}/publicKey

func (*KChainRPCClient) Health added in v1.21.38 

func (c *KChainRPCClient) Health(ctx context.Context) (*HealthResult, error)

Health checks service health.

func (*KChainRPCClient) ListAlgorithms added in v1.21.38 

func (c *KChainRPCClient) ListAlgorithms(ctx context.Context) (*ListAlgorithmsResult, error)

ListAlgorithms lists all supported signing algorithms. GET /algorithms

func (*KChainRPCClient) ListKeys added in v1.21.38 

func (c *KChainRPCClient) ListKeys(ctx context.Context, params ListKeysParams) (*ListKeysResult, error)

ListKeys retrieves all keys with optional filtering. GET /keys

func (*KChainRPCClient) RequestSignatureShare added in v1.21.38 

func (c *KChainRPCClient) RequestSignatureShare(ctx context.Context, params RequestSignatureShareParams) (*RequestSignatureShareResult, error)

RequestSignatureShare requests a signature share from a validator.

func (*KChainRPCClient) ReshareKey added in v1.21.38 

func (c *KChainRPCClient) ReshareKey(ctx context.Context, params ReshareKeyParams) (*ReshareKeyResult, error)

ReshareKey reshares a distributed key with new parameters.

func (*KChainRPCClient) RetrieveShare added in v1.21.38 

func (c *KChainRPCClient) RetrieveShare(ctx context.Context, params RetrieveShareParams) (*RetrieveShareResult, error)

RetrieveShare retrieves an encrypted share from a validator.

func (*KChainRPCClient) SetAPIKey added in v1.21.38 

func (c *KChainRPCClient) SetAPIKey(apiKey string)

SetAPIKey sets the API key for authenticated requests.

func (*KChainRPCClient) Sign added in v1.21.38 

func (c *KChainRPCClient) Sign(ctx context.Context, params SignParams) (*SignResult, error)

Sign creates a signature using the specified key. POST /keys/{id}/sign

func (*KChainRPCClient) StoreShare added in v1.21.38 

func (c *KChainRPCClient) StoreShare(ctx context.Context, params StoreShareParams) (*StoreShareResult, error)

StoreShare stores an encrypted share on a validator.

func (*KChainRPCClient) ThresholdSign added in v1.21.38 

func (c *KChainRPCClient) ThresholdSign(ctx context.Context, params ThresholdSignParams) (*ThresholdSignResult, error)

ThresholdSign performs a threshold signature using distributed shares.

func (*KChainRPCClient) UpdateKey added in v1.21.38 

func (c *KChainRPCClient) UpdateKey(ctx context.Context, params UpdateKeyParams) (*KeyMetadata, error)

UpdateKey updates key metadata. PATCH /keys/{id}

func (*KChainRPCClient) Verify added in v1.21.38 

func (c *KChainRPCClient) Verify(ctx context.Context, params VerifyParams) (*VerifyResult, error)

Verify verifies a signature. POST /keys/{id}/verify or POST /verify

type Key 

type Key interface {
	// P returns all formatted P-Chain addresses.
	P() []string
	// C returns the C-Chain address in Ethereum format
	C() string
	// Addresses returns the all raw ids.ShortID address.
	Addresses() []ids.ShortID
	// Match attempts to match a list of addresses up to the provided threshold.
	Match(owners *secp256k1fx.OutputOwners, time uint64) ([]uint32, []ids.ShortID, bool)
	// Spend attempts to spend all specified UTXOs (outputs)
	// and returns the new UTXO inputs.
	//
	// If target amount is specified, it only uses the
	// outputs until the total spending is below the target
	// amount.
	Spends(outputs []*lux.UTXO, opts ...OpOption) (
		totalBalanceToSpend uint64,
		inputs []*lux.TransferableInput,
		signers [][]ids.ShortID,
	)
	// Sign generates [numSigs] signatures and attaches them to [pTx].
	Sign(pTx *txs.Tx, signers [][]ids.ShortID) error
}

Key defines methods for key manager interface.

type KeyBackend added in v1.21.38 

type KeyBackend interface {
	// Type returns the backend type identifier
	Type() BackendType

	// Name returns a human-readable name
	Name() string

	// Available checks if this backend is available on the current system
	Available() bool

	// RequiresPassword returns true if password is needed
	RequiresPassword() bool

	// RequiresHardware returns true if hardware device is needed
	RequiresHardware() bool

	// SupportsRemoteSigning returns true if signing is done externally
	SupportsRemoteSigning() bool

	// Initialize sets up the backend (creates directories, connects to services, etc.)
	Initialize(ctx context.Context) error

	// Close cleans up resources
	Close() error

	// CreateKey creates a new key set with the given name
	CreateKey(ctx context.Context, name string, opts CreateKeyOptions) (*HDKeySet, error)

	// LoadKey loads a key set by name
	LoadKey(ctx context.Context, name, password string) (*HDKeySet, error)

	// SaveKey saves a key set
	SaveKey(ctx context.Context, keySet *HDKeySet, password string) error

	// DeleteKey removes a key
	DeleteKey(ctx context.Context, name string) error

	// ListKeys returns all available keys
	ListKeys(ctx context.Context) ([]KeyInfo, error)

	// Lock locks a key (clears from memory)
	Lock(ctx context.Context, name string) error

	// Unlock unlocks a key for use
	Unlock(ctx context.Context, name, password string) error

	// IsLocked checks if a key is locked
	IsLocked(name string) bool

	// Sign signs data with the specified key
	Sign(ctx context.Context, name string, request SignRequest) (*SignResponse, error)
}

KeyBackend defines the interface for all key storage backends

func GetBackend added in v1.21.38 

func GetBackend(t BackendType) (KeyBackend, error)

GetBackend returns a backend by type

func GetDefaultBackend added in v1.21.38 

func GetDefaultBackend() (KeyBackend, error)

GetDefaultBackend returns the default backend for the current platform

func ListAvailableBackends added in v1.21.38 

func ListAvailableBackends() []KeyBackend

ListAvailableBackends returns all available backends

type KeyInfo added in v1.21.38 

type KeyInfo struct {
	Name      string
	Address   string
	NodeID    string
	Encrypted bool
	Locked    bool
	CreatedAt time.Time
}

KeyInfo represents information about a stored key

type KeyMetadata added in v1.21.38 

type KeyMetadata struct {
	ID          string    `json:"id"`
	Name        string    `json:"name"`
	Algorithm   string    `json:"algorithm"`
	KeyType     string    `json:"keyType"`
	PublicKey   string    `json:"publicKey,omitempty"`
	CreatedAt   time.Time `json:"createdAt"`
	UpdatedAt   time.Time `json:"updatedAt"`
	Distributed bool      `json:"distributed"`
	Threshold   int       `json:"threshold,omitempty"`
	TotalShares int       `json:"totalShares,omitempty"`
	Status      string    `json:"status"`
	Tags        []string  `json:"tags,omitempty"`
}

KeyMetadata represents key information returned by the API.

type ListAlgorithmsResult added in v1.21.38 

type ListAlgorithmsResult struct {
	Algorithms []AlgorithmInfo `json:"algorithms"`
}

ListAlgorithmsResult contains supported algorithms.

type ListKeysParams added in v1.21.38 

type ListKeysParams struct {
	Offset    int      `json:"offset,omitempty"`
	Limit     int      `json:"limit,omitempty"`
	Algorithm string   `json:"algorithm,omitempty"`
	Status    string   `json:"status,omitempty"`
	Tags      []string `json:"tags,omitempty"`
}

ListKeysParams contains parameters for listing keys.

type ListKeysResult added in v1.21.38 

type ListKeysResult struct {
	Keys  []KeyMetadata `json:"keys"`
	Total int           `json:"total"`
}

ListKeysResult contains the result of listing keys.

type Op 

type Op struct {
	// contains filtered or unexported fields
}

type OpOption 

type OpOption func(*Op)

func WithFeeDeduct 

func WithFeeDeduct(fee uint64) OpOption

To deduct transfer fee from total spend (output). e.g., "units.MilliLux" for X/P-Chain transfer.

func WithTargetAmount 

func WithTargetAmount(ta uint64) OpOption

func WithTime 

func WithTime(t uint64) OpOption

type RPCError added in v1.21.38 

type RPCError struct {
	Code    int    `json:"code"`
	Message string `json:"message"`
	Data    string `json:"data,omitempty"`
}

RPCError represents a JSON-RPC error.

func (*RPCError) Error added in v1.21.38 

func (e *RPCError) Error() string

type RPCRequest added in v1.21.38 

type RPCRequest struct {
	JSONRPC string      `json:"jsonrpc"`
	ID      int         `json:"id"`
	Method  string      `json:"method"`
	Params  interface{} `json:"params,omitempty"`
}

RPCRequest represents a JSON-RPC 2.0 request.

type RPCResponse added in v1.21.38 

type RPCResponse struct {
	JSONRPC string          `json:"jsonrpc"`
	ID      int             `json:"id"`
	Result  json.RawMessage `json:"result,omitempty"`
	Error   *RPCError       `json:"error,omitempty"`
}

RPCResponse represents a JSON-RPC 2.0 response.

type RequestSignatureShareParams added in v1.21.38 

type RequestSignatureShareParams struct {
	KeyID       string `json:"keyId"`
	Message     string `json:"message"`
	ValidatorID string `json:"validatorId"`
	Algorithm   string `json:"algorithm"`
}

RequestSignatureShareParams contains parameters for requesting a signature share.

type RequestSignatureShareResult added in v1.21.38 

type RequestSignatureShareResult struct {
	ShareID   string `json:"shareId"`
	ShareData string `json:"shareData"` // Signature share
	Proof     string `json:"proof,omitempty"`
}

RequestSignatureShareResult contains the signature share.

type ReshareKeyParams added in v1.21.38 

type ReshareKeyParams struct {
	KeyID         string   `json:"keyId"`
	NewThreshold  int      `json:"newThreshold"`
	NewTotalParts int      `json:"newTotalParts"`
	NewValidators []string `json:"newValidators"`
}

ReshareKeyParams contains parameters for key resharing.

type ReshareKeyResult added in v1.21.38 

type ReshareKeyResult struct {
	Success     bool     `json:"success"`
	NewShareIDs []string `json:"newShareIds"`
}

ReshareKeyResult contains the result of key resharing.

type RetrieveShareParams added in v1.21.38 

type RetrieveShareParams struct {
	KeyID       string `json:"keyId"`
	ShareID     string `json:"shareId,omitempty"`
	ValidatorID string `json:"validatorId,omitempty"`
}

RetrieveShareParams contains parameters for retrieving a share.

type RetrieveShareResult added in v1.21.38 

type RetrieveShareResult struct {
	ShareID     string `json:"shareId"`
	ShareIndex  int    `json:"shareIndex"`
	ShareData   string `json:"shareData"` // Encrypted
	ValidatorID string `json:"validatorId"`
	Timestamp   int64  `json:"timestamp"`
}

RetrieveShareResult contains the retrieved share.

type SOp 

type SOp struct {
	// contains filtered or unexported fields
}

type SOpOption 

type SOpOption func(*SOp)

func WithPrivateKey 

func WithPrivateKey(privKey *secp256k1.PrivateKey) SOpOption

To create a new key SoftKey with a pre-loaded private key.

func WithPrivateKeyEncoded 

func WithPrivateKeyEncoded(privKey string) SOpOption

To create a new key SoftKey with a pre-defined private key.

type SecretServiceBackend added in v1.21.38 

type SecretServiceBackend struct {
	// contains filtered or unexported fields
}

SecretServiceBackend uses Linux Secret Service API (GNOME Keyring, KWallet)

func NewSecretServiceBackend added in v1.21.38 

func NewSecretServiceBackend() *SecretServiceBackend

NewSecretServiceBackend creates a Linux Secret Service backend

func (*SecretServiceBackend) Available added in v1.21.38 

func (b *SecretServiceBackend) Available() bool

func (*SecretServiceBackend) Close added in v1.21.38 

func (b *SecretServiceBackend) Close() error

func (*SecretServiceBackend) CreateKey added in v1.21.38 

func (b *SecretServiceBackend) CreateKey(ctx context.Context, name string, opts CreateKeyOptions) (*HDKeySet, error)

func (*SecretServiceBackend) DeleteKey added in v1.21.38 

func (b *SecretServiceBackend) DeleteKey(ctx context.Context, name string) error

func (*SecretServiceBackend) GetKeyChecksum added in v1.21.38 

func (b *SecretServiceBackend) GetKeyChecksum(name string) (string, error)

func (*SecretServiceBackend) Initialize added in v1.21.38 

func (b *SecretServiceBackend) Initialize(ctx context.Context) error

func (*SecretServiceBackend) IsLocked added in v1.21.38 

func (b *SecretServiceBackend) IsLocked(name string) bool

func (*SecretServiceBackend) ListKeys added in v1.21.38 

func (b *SecretServiceBackend) ListKeys(ctx context.Context) ([]KeyInfo, error)

func (*SecretServiceBackend) LoadKey added in v1.21.38 

func (b *SecretServiceBackend) LoadKey(ctx context.Context, name, password string) (*HDKeySet, error)

func (*SecretServiceBackend) Lock added in v1.21.38 

func (b *SecretServiceBackend) Lock(ctx context.Context, name string) error

func (*SecretServiceBackend) Name added in v1.21.38 

func (b *SecretServiceBackend) Name() string

func (*SecretServiceBackend) RequiresHardware added in v1.21.38 

func (b *SecretServiceBackend) RequiresHardware() bool

func (*SecretServiceBackend) RequiresPassword added in v1.21.38 

func (b *SecretServiceBackend) RequiresPassword() bool

func (*SecretServiceBackend) SaveKey added in v1.21.38 

func (b *SecretServiceBackend) SaveKey(ctx context.Context, keySet *HDKeySet, password string) error

func (*SecretServiceBackend) Sign added in v1.21.38 

func (b *SecretServiceBackend) Sign(ctx context.Context, name string, request SignRequest) (*SignResponse, error)

func (*SecretServiceBackend) SupportsRemoteSigning added in v1.21.38 

func (b *SecretServiceBackend) SupportsRemoteSigning() bool

func (*SecretServiceBackend) Type added in v1.21.38 

func (b *SecretServiceBackend) Type() BackendType

func (*SecretServiceBackend) Unlock added in v1.21.38 

func (b *SecretServiceBackend) Unlock(ctx context.Context, name, password string) error

type ShareConfig added in v1.21.38 

type ShareConfig struct {
	N              int      // Total number of shares
	K              int      // Threshold required to reconstruct
	ValidatorAddrs []string // Validator network addresses
}

ShareConfig configures threshold secret sharing parameters.

func (*ShareConfig) Validate added in v1.21.38 

func (c *ShareConfig) Validate() error

Validate checks if the share configuration is valid.

type SignParams added in v1.21.38 

type SignParams struct {
	KeyID     string `json:"keyId"`
	Message   string `json:"message"`             // Base64-encoded message or hash
	Algorithm string `json:"algorithm"`           // "bls-sig", "ecdsa", "eddsa", "ml-dsa"
	Prehashed bool   `json:"prehashed,omitempty"` // True if message is already hashed
}

SignParams contains parameters for signing.

type SignRequest added in v1.21.38 

type SignRequest struct {
	Type        string // "transaction", "message", "auth"
	ChainID     uint64
	Description string
	Data        []byte   // Raw data to sign
	DataHash    [32]byte // Hash of data (for display)
}

SignRequest represents a transaction signing request

type SignResponse added in v1.21.38 

type SignResponse struct {
	Signature []byte
	PublicKey []byte
	Address   string
}

SignResponse contains the signature result

type SignResult added in v1.21.38 

type SignResult struct {
	Signature   string   `json:"signature"` // Base64-encoded
	PublicKey   string   `json:"publicKey,omitempty"`
	ShareProofs []string `json:"shareProofs,omitempty"` // For threshold signatures
}

SignResult contains the result of signing.

type SoftKey 

type SoftKey struct {
	// contains filtered or unexported fields
}

func GetOrCreateLocalKey added in v1.9.8 

func GetOrCreateLocalKey(networkID uint32) (*SoftKey, error)

GetOrCreateLocalKey loads a key with the following priority: 1. LUX_PRIVATE_KEY environment variable (CB58 encoded) 2. LUX_MNEMONIC environment variable (BIP39 mnemonic) 3. Local key file at ~/.lux/keys/local-key.pk (generated if not exists) This ensures no hardcoded keys - all keys are either from environment or generated locally.

func LoadSoft 

func LoadSoft(networkID uint32, keyPath string) (*SoftKey, error)

LoadSoft loads the private key from disk and creates the corresponding SoftKey.

func NewSoft 

func NewSoft(networkID uint32, opts ...SOpOption) (*SoftKey, error)

func NewSoftFromBytes added in v1.21.39 

func NewSoftFromBytes(networkID uint32, privKeyBytes []byte) (*SoftKey, error)

NewSoftFromBytes creates a SoftKey from raw private key bytes.

func NewSoftFromMnemonic added in v1.21.37 

func NewSoftFromMnemonic(networkID uint32, mnemonic string) (*SoftKey, error)

NewSoftFromMnemonic creates a SoftKey from a BIP39 mnemonic phrase. Uses standard BIP44 derivation path: m/44'/9000'/0'/0/0

func NewSoftFromMnemonicWithAccount added in v1.21.39 

func NewSoftFromMnemonicWithAccount(networkID uint32, mnemonic string, accountIndex uint32) (*SoftKey, error)

NewSoftFromMnemonicWithAccount creates a SoftKey from a BIP39 mnemonic with specific account index. Uses standard BIP44 derivation path: m/44'/9000'/0'/0/{accountIndex}

func (*SoftKey) Addresses 

func (m *SoftKey) Addresses() []ids.ShortID

func (*SoftKey) C 

func (m *SoftKey) C() string

func (*SoftKey) Encode 

func (m *SoftKey) Encode() string

Returns the private key encoded in CB58 and "PrivateKey-" prefix.

func (*SoftKey) Key 

func (m *SoftKey) Key() *secp256k1.PrivateKey

Returns the private key.

func (*SoftKey) KeyChain 

func (m *SoftKey) KeyChain() *secp256k1fx.Keychain

Returns the KeyChain

func (*SoftKey) Match 

func (m *SoftKey) Match(owners *secp256k1fx.OutputOwners, time uint64) ([]uint32, []ids.ShortID, bool)

func (*SoftKey) P 

func (m *SoftKey) P() []string

func (*SoftKey) PrivKeyHex 

func (m *SoftKey) PrivKeyHex() string

func (*SoftKey) PrivateKeyRaw 

func (m *SoftKey) PrivateKeyRaw() string

PrivateKeyRaw returns the private key in hex format

func (*SoftKey) Raw 

func (m *SoftKey) Raw() []byte

Returns the private key in raw bytes.

func (*SoftKey) Save 

func (m *SoftKey) Save(p string) error

Saves the private key to disk with hex encoding.

func (*SoftKey) Sign 

func (m *SoftKey) Sign(pTx *txs.Tx, signers [][]ids.ShortID) error

func (*SoftKey) Spends 

func (m *SoftKey) Spends(outputs []*lux.UTXO, opts ...OpOption) (
	totalBalanceToSpend uint64,
	inputs []*lux.TransferableInput,
	signers [][]ids.ShortID,
)

func (*SoftKey) X 

func (m *SoftKey) X() []string

X returns the X-Chain addresses (as a slice for compatibility)

type SoftwareBackend added in v1.21.38 

type SoftwareBackend struct {
	// contains filtered or unexported fields
}

SoftwareBackend implements encrypted file-based key storage

func NewSoftwareBackend added in v1.21.38 

func NewSoftwareBackend() *SoftwareBackend

NewSoftwareBackend creates a new software-based key backend

func (*SoftwareBackend) Available added in v1.21.38 

func (b *SoftwareBackend) Available() bool

func (*SoftwareBackend) Close added in v1.21.38 

func (b *SoftwareBackend) Close() error

func (*SoftwareBackend) CreateKey added in v1.21.38 

func (b *SoftwareBackend) CreateKey(ctx context.Context, name string, opts CreateKeyOptions) (*HDKeySet, error)

func (*SoftwareBackend) DeleteKey added in v1.21.38 

func (b *SoftwareBackend) DeleteKey(ctx context.Context, name string) error

func (*SoftwareBackend) GetKeyChecksum added in v1.21.38 

func (b *SoftwareBackend) GetKeyChecksum(name string) (string, error)

GetKeyChecksum returns a checksum for key verification

func (*SoftwareBackend) Initialize added in v1.21.38 

func (b *SoftwareBackend) Initialize(ctx context.Context) error

func (*SoftwareBackend) IsLocked added in v1.21.38 

func (b *SoftwareBackend) IsLocked(name string) bool

func (*SoftwareBackend) ListKeys added in v1.21.38 

func (b *SoftwareBackend) ListKeys(ctx context.Context) ([]KeyInfo, error)

func (*SoftwareBackend) LoadKey added in v1.21.38 

func (b *SoftwareBackend) LoadKey(ctx context.Context, name, password string) (*HDKeySet, error)

func (*SoftwareBackend) Lock added in v1.21.38 

func (b *SoftwareBackend) Lock(ctx context.Context, name string) error

func (*SoftwareBackend) Name added in v1.21.38 

func (b *SoftwareBackend) Name() string

func (*SoftwareBackend) RequiresHardware added in v1.21.38 

func (b *SoftwareBackend) RequiresHardware() bool

func (*SoftwareBackend) RequiresPassword added in v1.21.38 

func (b *SoftwareBackend) RequiresPassword() bool

func (*SoftwareBackend) SaveKey added in v1.21.38 

func (b *SoftwareBackend) SaveKey(ctx context.Context, keySet *HDKeySet, password string) error

func (*SoftwareBackend) Sign added in v1.21.38 

func (b *SoftwareBackend) Sign(ctx context.Context, name string, request SignRequest) (*SignResponse, error)

func (*SoftwareBackend) SupportsRemoteSigning added in v1.21.38 

func (b *SoftwareBackend) SupportsRemoteSigning() bool

func (*SoftwareBackend) Type added in v1.21.38 

func (b *SoftwareBackend) Type() BackendType

func (*SoftwareBackend) Unlock added in v1.21.38 

func (b *SoftwareBackend) Unlock(ctx context.Context, name, password string) error

type StoreShareParams added in v1.21.38 

type StoreShareParams struct {
	KeyID       string `json:"keyId"`
	ShareIndex  int    `json:"shareIndex"`
	ShareData   string `json:"shareData"` // Encrypted share data
	ValidatorID string `json:"validatorId"`
}

StoreShareParams contains parameters for storing a share.

type StoreShareResult added in v1.21.38 

type StoreShareResult struct {
	ShareID   string `json:"shareId"`
	Stored    bool   `json:"stored"`
	Timestamp int64  `json:"timestamp"`
}

StoreShareResult contains the result of storing a share.

type ThresholdSignParams added in v1.21.38 

type ThresholdSignParams struct {
	KeyID     string   `json:"keyId"`
	Message   string   `json:"message"`
	ShareIDs  []string `json:"shareIds,omitempty"` // Optional: specific shares to use
	Algorithm string   `json:"algorithm"`
}

ThresholdSignParams contains parameters for threshold signing.

type ThresholdSignResult added in v1.21.38 

type ThresholdSignResult struct {
	Signature      string   `json:"signature"`
	GroupPublicKey string   `json:"groupPublicKey"`
	ParticipantIDs []string `json:"participantIds"`
	Proofs         []string `json:"proofs,omitempty"`
}

ThresholdSignResult contains the threshold signature.

type UpdateKeyParams added in v1.21.38 

type UpdateKeyParams struct {
	ID       string   `json:"id"`
	Name     string   `json:"name,omitempty"`
	Tags     []string `json:"tags,omitempty"`
	Metadata string   `json:"metadata,omitempty"`
	Status   string   `json:"status,omitempty"` // "active", "disabled", "compromised"
}

UpdateKeyParams contains parameters for updating a key.

type VerifyParams added in v1.21.38 

type VerifyParams struct {
	KeyID     string `json:"keyId,omitempty"`     // Optional if publicKey provided
	PublicKey string `json:"publicKey,omitempty"` // Optional if keyId provided
	Message   string `json:"message"`             // Base64-encoded
	Signature string `json:"signature"`           // Base64-encoded
	Algorithm string `json:"algorithm"`
	Prehashed bool   `json:"prehashed,omitempty"`
}

VerifyParams contains parameters for signature verification.

type VerifyResult added in v1.21.38 

type VerifyResult struct {
	Valid   bool   `json:"valid"`
	KeyID   string `json:"keyId,omitempty"`
	Message string `json:"message,omitempty"` // Error message if invalid
}

VerifyResult contains the result of signature verification.

type WalletConnectBackend added in v1.21.38 

type WalletConnectBackend struct {
	// contains filtered or unexported fields
}

WalletConnectBackend implements remote signing via WalletConnect v2

func NewWalletConnectBackend added in v1.21.38 

func NewWalletConnectBackend() *WalletConnectBackend

NewWalletConnectBackend creates a new WalletConnect backend

func (*WalletConnectBackend) Available added in v1.21.38 

func (b *WalletConnectBackend) Available() bool

func (*WalletConnectBackend) Close added in v1.21.38 

func (b *WalletConnectBackend) Close() error

func (*WalletConnectBackend) CreateKey added in v1.21.38 

func (b *WalletConnectBackend) CreateKey(ctx context.Context, name string, opts CreateKeyOptions) (*HDKeySet, error)

CreateKey is not supported - WalletConnect uses external wallets

func (*WalletConnectBackend) DeleteKey added in v1.21.38 

func (b *WalletConnectBackend) DeleteKey(ctx context.Context, name string) error

DeleteKey removes a pairing session

func (*WalletConnectBackend) DisplayQR added in v1.21.38 

func (b *WalletConnectBackend) DisplayQR(uri string) error

DisplayQR generates and displays a QR code in the terminal

func (*WalletConnectBackend) GetSessionChecksum added in v1.21.38 

func (b *WalletConnectBackend) GetSessionChecksum(name string) (string, error)

GetSessionChecksum returns a checksum for session verification

func (*WalletConnectBackend) Initialize added in v1.21.38 

func (b *WalletConnectBackend) Initialize(ctx context.Context) error

func (*WalletConnectBackend) IsLocked added in v1.21.38 

func (b *WalletConnectBackend) IsLocked(name string) bool

func (*WalletConnectBackend) ListKeys added in v1.21.38 

func (b *WalletConnectBackend) ListKeys(ctx context.Context) ([]KeyInfo, error)

ListKeys returns all paired wallets

func (*WalletConnectBackend) LoadKey added in v1.21.38 

func (b *WalletConnectBackend) LoadKey(ctx context.Context, name, password string) (*HDKeySet, error)

LoadKey loads session info for a paired wallet

func (*WalletConnectBackend) Lock added in v1.21.38 

func (b *WalletConnectBackend) Lock(ctx context.Context, name string) error

func (*WalletConnectBackend) Name added in v1.21.38 

func (b *WalletConnectBackend) Name() string

func (*WalletConnectBackend) Pair added in v1.21.38 

func (b *WalletConnectBackend) Pair(ctx context.Context, name string, chainID int) (string, error)

Pair initiates a new WalletConnect pairing session Returns the pairing URI that should be displayed as QR code

func (*WalletConnectBackend) RequiresHardware added in v1.21.38 

func (b *WalletConnectBackend) RequiresHardware() bool

func (*WalletConnectBackend) RequiresPassword added in v1.21.38 

func (b *WalletConnectBackend) RequiresPassword() bool

func (*WalletConnectBackend) SaveKey added in v1.21.38 

func (b *WalletConnectBackend) SaveKey(ctx context.Context, keySet *HDKeySet, password string) error

SaveKey saves session info

func (*WalletConnectBackend) Sign added in v1.21.38 

func (b *WalletConnectBackend) Sign(ctx context.Context, name string, request SignRequest) (*SignResponse, error)

Sign sends a signing request to the connected wallet

func (*WalletConnectBackend) SignPersonal added in v1.21.38 

func (b *WalletConnectBackend) SignPersonal(ctx context.Context, name string, message []byte) ([]byte, error)

SignPersonal signs a message using EIP-191 personal_sign

func (*WalletConnectBackend) SignTypedData added in v1.21.38 

func (b *WalletConnectBackend) SignTypedData(ctx context.Context, name string, typedData []byte) ([]byte, error)

SignTypedData signs typed data using EIP-712

func (*WalletConnectBackend) SupportsRemoteSigning added in v1.21.38 

func (b *WalletConnectBackend) SupportsRemoteSigning() bool

func (*WalletConnectBackend) Type added in v1.21.38 

func (b *WalletConnectBackend) Type() BackendType

func (*WalletConnectBackend) Unlock added in v1.21.38 

func (b *WalletConnectBackend) Unlock(ctx context.Context, name, password string) error

func (*WalletConnectBackend) WaitForPairing added in v1.21.38 

func (b *WalletConnectBackend) WaitForPairing(ctx context.Context, name string) (*wcSession, error)

WaitForPairing waits for a wallet to connect

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.