Class: SignerClient
Pre-configured Protocol intended for communication with Spatium Signer Service
- For transport, it uses HTTP(S) + SSE bidirectional transport.
- For cache, it uses in-memory storage
- For crypto driver, it uses any provided Crypto
As it uses SSETransport internally, one should also keep in mind that the client starts listening as soon as connect is called and does not stop until disconnect is called.
See
Hierarchy
Protocol
↳ SignerClient
Implements
Constructors
constructor
• new SignerClient(url
, auth
, crypto
, timeout?
)
Note
requests are attributed to accountId of an authorization session, thus storing data independently for each authorized user
Example
// Assuming an already initialized Crypto
const auth = new AuthorizationSession('https://cloud.spatium.net/authorization/v1', uuid(randomBytes), ['read', 'secret']);
const signer = new SignerClient('https://cloud.spatium.net/signer/v1', auth, crypto, 10 * 1000);
// Connect to a signer service (with a 10 sec timeout)
await signer.connect(10 * 1000);
// Generate a random secret ID for a new secret (should be done exactly once and kept)
const secretId = uuid(randomBytes);
// Generate both secerts (first on a connected server, and then locally) (should be done once per secret ID)
await signer.generateDistributedSecret(secretId);
// Generate a random session ID for a new synchronization session
const syncSessionId = uuid(randomBytes);
// Perform an ECDSA-over-secp256k1 synchronization procedure for a key with path ```m/44'/0'/0'/0'/0'```
const publicKey = await syncDistributedEcdsaKey(signer, secretId, syncSessionId, 'secp256k1', 0, 0);
// At this point, synchronization data is saved to the storage, so one may access it to get a compound public key
const _publicKey = await getEcdsaPublicKey(signer, syncSessionId);
// Which is obviously the same key that was returned from the synchronization procedure itself
expect(publicKey).toBe(_publicKey);
// Generate a random session ID for a new signing session
const signSessionId = uuid(randomBytes);
// Message to be signed
const message = '7hJ9yN2OdIQo2kJu0arZgw2EKnMX5FGtQ6jlCWuLXCM='
// Get signingToken
const signingToken = await getSigningToken(message)
// Generate an ECDSA signature
const signature = await signEcdsaMessage(signer, secretId, syncSessionId, signSessionId, message, getSigningToken);
// Verify the resulting signature against a compound public key with an external library (elliptic.js here)
expect(new ec('secp256k1').verify(
Buffer.from(message, 'base64'),
{
s: Buffer.from(signature.s, 'base64'),
r: Buffer.from(signature.r, 'base64'),
recoveryParam: signature.recovery,
},
Buffer.from(publicKey, 'base64'),
)).toBeTruthy();
// Disconnect from signer service
await signer.disconnect();
Parameters
Name | Type | Description |
---|---|---|
url |
string |
signer service endpoint (HTTP(S)) |
auth |
AuthorizationSession |
authorization AuthorizationSession session to use |
crypto |
Crypto |
any valid Crypto to handle data and computations |
timeout? |
number |
(optional) per-message request timeout, after which a procedure is dropped |
Overrides
Properties
auth
• auth: AuthorizationSession
authorization AuthorizationSession session to use
Methods
connect
▸ connect(timeout?
): Promise
<void
>
Connect and start listening to events
Parameters
Name | Type |
---|---|
timeout? |
number |
Returns
Promise
<void
>
disconnect
▸ disconnect(): Promise
<void
>
Stop listening for messages and disconnect
Returns
Promise
<void
>
generateDistributedSecret
▸ generateDistributedSecret(secretId
): Promise
<void
>
Simltaneous genteration of a distributed secret with the same secret ID
This method is not strictly required as one may simply generate secrets with the same ID independently with the help of underlying Crypto Driver however, it's still userful at least for demonstration purposes.
As a result of this operation, new secrets are saved to a permanent storage, accessible by the provided secret ID From this point, one may freely call syncDistributedEcdsaKey and syncDistributedEddsaKey as long as a secret is accessible in the storage.
Example
// Assume an initialized and already connected SignerClient
// Generate a random secret ID for a new secret
const secretId = uuid(randomBytes);
// Generate both secerts (first on a connected server and then locally)
await client.generateDistributedSecret(secretId);
// At this point, the secret is already generated and ready to be used with MPC
Parameters
Name | Type | Description |
---|---|---|
secretId |
string |
ID (UUID) of a secret in question |
Returns
Promise
<void
>