CLASS
SpatiumCrypto
Secure MPC signature algorithms for ECDSA and EDDSA systems
Describes both closed and open execution environments, where temporary and permanent data are stored within the environment itself and may not be imported or exported. For software implementations, that means using StorageDrivers to keep data storage opaque and compatible with HSM/TEE implementations.
Properties
cache
temporary storage to keep intermediate data during an MPC procedure
storage
permanent storage to keep long-term data, e.g. secrets, synchronization data
Methods
init(cache:storage:)
SpatiumCrypto Constructor
Builds upon Storage Drivers and stateless MPC algorithms, thus completely encapsulating data storage within the MPC algorithms.
SpatiumCrypto stands for software CryptoDriver, implementing MPC algorithms over a set of locally-stored data. Suitable for use within SpatiumProtocol for cases where runtime security is not required or impossible.
Parameters
Name | Description |
---|---|
cache | temporary storage to keep intermediate data during an MPC procedure |
storage | permanent storage to keep long-term data e.g. secrets, synchronisation data |
checkSecret(secretId:)
Check whether or not a secretId is occupied
Parameters
Name | Description |
---|---|
secretId | ID (UUID) of a secret in question |
Returns
Bool
true if provided secretId is occupied
generateSecret(secretId:)
Generate a new random secret under the provided secretId
Note
throws if secretId is already in use
Parameters
Name | Description |
---|---|
secretId | externally provided ID (UUID) to bind secret to |
Returns
void
removeSecret(secretId:)
Parameters
Name | Description |
---|---|
secretId | ID (UUID) of a secret in question |
exportSecret(secretId:)
Export stored secret as string
Note
Actual ability to import/export secrets may depend on implementation.
Parameters
Name | Description |
---|---|
secretId | ID (UUID) of a secret in question |
Returns
String?
64 bytes of base64-encoded data or null if no secret is present under secretId
importSecret(secretId:secret:)
Import an existing secret under the specified secretId
Note
throws if secretId is already in use
Note
Actual ability to import/export secrets may depend on implementation.
Parameters
Name | Description |
---|---|
secretId | externally provided ID (UUID) to bind secret to |
secret | 64 bytes of base64-encoded data |
Returns
void
createEcdsaKeyCommitment(secretId:syncSessionId:curve:derivationCoin:derivationAccount:)
public func createEcdsaKeyCommitment(secretId: String, syncSessionId: String, curve: EcdsaCurve, derivationCoin: UInt32, derivationAccount: UInt32) async throws -> String
createEcdsaKeyGenerationDataProof(secretId:syncSessionId:curve:derivationCoin:derivationAccount:keyCommitment:)
public func createEcdsaKeyGenerationDataProof(secretId: String, syncSessionId: String, curve: EcdsaCurve, derivationCoin: UInt32, derivationAccount: UInt32, keyCommitment keyCommitmentData: String) async throws -> String
createEcdsaKeyDecommitment(syncSessionId:keyGenerationDataProof:)
public func createEcdsaKeyDecommitment(syncSessionId: String, keyGenerationDataProof keyGenerationDataProofData: String) async throws -> String
createDistributedEcdsaKey(syncSessionId:keyDecommitment:)
public func createDistributedEcdsaKey(syncSessionId: String, keyDecommitment keyDecommitmentData: String) async throws
createEcdsaChallengeCommitment(syncSessionId:)
createEcdsaChallengeResponseCommitment(syncSessionId:challengeCommitment:)
public func createEcdsaChallengeResponseCommitment(syncSessionId: String, challengeCommitment challengeCommitmentData: String) async throws -> String
createEcdsaChallengeDecommitment(syncSessionId:challengeResponseCommitment:)
public func createEcdsaChallengeDecommitment(syncSessionId: String, challengeResponseCommitment challengeResponseCommitmentData: String) async throws -> String
createEcdsaChallangeResponseDecommitment(syncSessionId:challengeDecommitment:)
public func createEcdsaChallangeResponseDecommitment(syncSessionId: String, challengeDecommitment challengeDecommitmentData: String) async throws -> String
verifyEcdsaChallengeResponseDecommitment(syncSessionId:challengeResponseDecommitment:)
public func verifyEcdsaChallengeResponseDecommitment(syncSessionId: String, challengeResponseDecommitment challengeResponseDecommitmentData: String) async throws -> String
getCompoundEcdsaPublicKey(secretId:syncSessionId:)
public func getCompoundEcdsaPublicKey(secretId: String, syncSessionId: String) async throws -> String
Parameters
Name | Type |
---|---|
secretId |
String |
syncSessionId |
String |
Returns
String
removeDistributedEcdsaKey(secretId:syncSessionId:)
createEcdsaSigningKeyCommitment(secretId:syncSessionId:signSessionId:message:)
public func createEcdsaSigningKeyCommitment(secretId: String, syncSessionId: String, signSessionId: String, message: String) async throws -> String
createEcdsaSigningKeyGenerationDataProof(secretId:syncSessionId:signSessionId:message:signingKeyCommitment:)
public func createEcdsaSigningKeyGenerationDataProof(secretId: String, syncSessionId: String, signSessionId: String, message: String, signingKeyCommitment signingKeyCommitmentData: String) async throws -> String
createEcdsaSigningKeyDecommitment(signSessionId:signingKeyGenerationDataProof:)
public func createEcdsaSigningKeyDecommitment(signSessionId: String, signingKeyGenerationDataProof signingKeyGenerationDataProofData: String) async throws -> String
createEcdsaPartialSignature(signSessionId:signingKeyDecommitment:)
public func createEcdsaPartialSignature(signSessionId: String, signingKeyDecommitment signingKeyDecommitmentData: String) async throws -> String
createEcdsaSignature(signSessionId:partialSignature:)
public func createEcdsaSignature(signSessionId: String, partialSignature partialSignatureData: String) async throws -> EcdsaSignature
createEddsaKeyCommitment(secretId:syncSessionId:curve:derivationCoin:derivationAccount:)
public func createEddsaKeyCommitment(secretId: String, syncSessionId: String, curve: EddsaCurve, derivationCoin: UInt32, derivationAccount: UInt32) async throws -> String
createEddsaKeyGenerationDataProof(secretId:syncSessionId:curve:derivationCoin:derivationAccount:keyCommitment:)
public func createEddsaKeyGenerationDataProof(secretId: String, syncSessionId: String, curve: EddsaCurve, derivationCoin: UInt32, derivationAccount: UInt32, keyCommitment keyCommitmentData: String) async throws -> String
createEddsaKeyDecommitment(syncSessionId:keyGenerationDataProof:)
public func createEddsaKeyDecommitment(syncSessionId: String, keyGenerationDataProof keyGenerationDataProofData: String) async throws -> (String, String)
createDistributedEddsaKey(syncSessionId:keyDecommitment:)
public func createDistributedEddsaKey(syncSessionId: String, keyDecommitment keyDecommitmentData: String) async throws -> String
getCompoundEddsaPublicKey(secretId:syncSessionId:)
public func getCompoundEddsaPublicKey(secretId: String, syncSessionId: String) async throws -> String
Parameters
Name | Type |
---|---|
secretId |
String |
syncSessionId |
String |
Returns
String
removeDistributedEddsaKey(secretId:syncSessionId:)
createEddsaSigningKeyCommitment(secretId:syncSessionId:signSessionId:message:)
public func createEddsaSigningKeyCommitment(secretId: String, syncSessionId: String, signSessionId: String, message: String) async throws -> String
createEddsaSigningKeyGenerationDataProof(secretId:syncSessionId:signSessionId:message:signingKeyCommitment:)
public func createEddsaSigningKeyGenerationDataProof(secretId: String, syncSessionId: String, signSessionId: String, message: String, signingKeyCommitment signingKeyCommitmentData: String) async throws -> String
createEddsaSigningKeyDecommitment(signSessionId:signingKeyGenerationDataProof:)
public func createEddsaSigningKeyDecommitment(signSessionId: String, signingKeyGenerationDataProof signingKeyGenerationDataProofData: String) async throws -> String
createEddsaPartialSignature(signSessionId:signingKeyDecommitment:)
public func createEddsaPartialSignature(signSessionId: String, signingKeyDecommitment signingKeyDecommitmentData: String) async throws -> String