Class: SpatiumCrypto
Secure MPC signature algorithms for ECDSA and EDDSA systems
Describes both closed and open execution environments, where temporary and permanent data are stored within the environment itself and may not be imported or exported. For software implementations, that means using StorageDrivers to keep data storage opaque and compatible with HSM/TEE implementations.
Implements
Constructors
constructor
• new SpatiumCrypto(cache, storage)
SpatiumCrypto Constructor
Builds upon Storage Drivers and stateless MPC algorithms, thus completely encapsulating data storage within the MPC algorithms.
SpatiumCrypto stands for software CryptoDriver, implementing MPC algorithms over a set of locally-stored data. Suitable for use within SpatiumProtocol for cases where runtime security is not required or impossible.
Parameters
| Name | Type | Description |
|---|---|---|
cache |
StorageDriver |
temporary storage to keep intermediate data during an MPC procedure |
storage |
StorageDriver |
permanent storage to keep long-term data, e.g. secrets, synchronization data |
Properties
cache
• cache: StorageDriver
temporary storage to keep intermediate data during an MPC procedure
storage
• storage: StorageDriver
permanent storage to keep long-term data, e.g. secrets, synchronization data
Methods
checkSecret
▸ checkSecret(secretId): Promise<boolean>
Check whether or not a secretId is occupied
Parameters
| Name | Type | Description |
|---|---|---|
secretId |
string |
ID (UUID) of a secret in question |
Returns
Promise<boolean>
true if provided secretId is occupied
Implementation of
exportSecret
▸ exportSecret(secretId): Promise<null | string>
Export stored secret as string
Note
Actual ability to import/export secrets may depend on implementation.
Parameters
| Name | Type | Description |
|---|---|---|
secretId |
string |
ID (UUID) of a secret in question |
Returns
Promise<null | string>
64 bytes of base64-encoded data or null if no secret is present under secretId
Implementation of
generateSecret
▸ generateSecret(secretId): Promise<void>
Generate a new random secret under the provided secretId
Note
throws if secretId is already in use
Parameters
| Name | Type | Description |
|---|---|---|
secretId |
string |
externally provided ID (UUID) to bind secret to |
Returns
Promise<void>
Implementation of
getCompoundEcdsaPublicKey
▸ getCompoundEcdsaPublicKey(secretId, syncSessionId): Promise<string>
Parameters
| Name | Type |
|---|---|
secretId |
string |
syncSessionId |
string |
Returns
Promise<string>
Implementation of
Crypto.getCompoundEcdsaPublicKey
getCompoundEddsaPublicKey
▸ getCompoundEddsaPublicKey(secretId, syncSessionId): Promise<string>
Parameters
| Name | Type |
|---|---|
secretId |
string |
syncSessionId |
string |
Returns
Promise<string>
Implementation of
Crypto.getCompoundEddsaPublicKey
importSecret
▸ importSecret(secretId, secret): Promise<void>
Import an existing secret under the specified secretId
Note
throws if secretId is already in use
Note
Actual ability to import/export secrets may depend on implementation.
Parameters
| Name | Type | Description |
|---|---|---|
secretId |
string |
externally provided ID (UUID) to bind secret to |
secret |
string |
64 bytes of base64-encoded data |
Returns
Promise<void>