pub trait Pair: CryptoType + Sized + Clone + Send + Sync + 'static {
type Public: Public + Hash;
type Seed: Default + AsRef<[u8]> + AsMut<[u8]> + Clone;
type Signature: AsRef<[u8]>;
type DeriveError;
Show 13 methods
fn generate_with_phrase(
password: Option<&str>
) -> (Self, String, Self::Seed);
fn from_phrase(
phrase: &str,
password: Option<&str>
) -> Result<(Self, Self::Seed), SecretStringError>;
fn derive<Iter: Iterator<Item = DeriveJunction>>(
&self,
path: Iter,
seed: Option<Self::Seed>
) -> Result<(Self, Option<Self::Seed>), Self::DeriveError>;
fn from_seed(seed: &Self::Seed) -> Self;
fn from_seed_slice(seed: &[u8]) -> Result<Self, SecretStringError>;
fn sign(&self, message: &[u8]) -> Self::Signature;
fn verify<M: AsRef<[u8]>>(
sig: &Self::Signature,
message: M,
pubkey: &Self::Public
) -> bool;
fn verify_weak<P: AsRef<[u8]>, M: AsRef<[u8]>>(
sig: &[u8],
message: M,
pubkey: P
) -> bool;
fn public(&self) -> Self::Public;
fn to_raw_vec(&self) -> Vec<u8>ⓘ;
fn generate() -> (Self, Self::Seed) { ... }
fn from_string_with_seed(
s: &str,
password_override: Option<&str>
) -> Result<(Self, Option<Self::Seed>), SecretStringError> { ... }
fn from_string(
s: &str,
password_override: Option<&str>
) -> Result<Self, SecretStringError> { ... }
}
Expand description
Trait suitable for typical cryptographic PKI key pair type.
For now it just specifies how to create a key from a phrase and derivation path.
Associated Types
The type used to (minimally) encode the data required to securely create a new key pair.
The type used to represent a signature. Can be created from a key pair and a message and verified with the message and a public key.
type DeriveError
type DeriveError
Error returned from the derive
function.
Required methods
Generate new secure (random) key pair and provide the recovery phrase.
You can recover the same key later with from_phrase
.
This is generally slower than generate()
, so prefer that unless you need to persist
the key from the current session.
fn from_phrase(
phrase: &str,
password: Option<&str>
) -> Result<(Self, Self::Seed), SecretStringError>
fn from_phrase(
phrase: &str,
password: Option<&str>
) -> Result<(Self, Self::Seed), SecretStringError>
Returns the KeyPair from the English BIP39 seed phrase
, or None
if it’s invalid.
Derive a child key from a series of given junctions.
Generate new key pair from the provided seed
.
@WARNING: THIS WILL ONLY BE SECURE IF THE seed
IS SECURE. If it can be guessed
by an attacker then they can also derive your key.
fn from_seed_slice(seed: &[u8]) -> Result<Self, SecretStringError>
fn from_seed_slice(seed: &[u8]) -> Result<Self, SecretStringError>
Make a new key pair from secret seed material. The slice must be the correct size or
it will return None
.
@WARNING: THIS WILL ONLY BE SECURE IF THE seed
IS SECURE. If it can be guessed
by an attacker then they can also derive your key.
Verify a signature on a message. Returns true if the signature is good.
Verify a signature on a message. Returns true if the signature is good.
Provided methods
Generate new secure (random) key pair.
This is only for ephemeral keys really, since you won’t have access to the secret key
for storage. If you want a persistent key pair, use generate_with_phrase
instead.
Interprets the string s
in order to generate a key Pair. Returns both the pair and an
optional seed, in the case that the pair can be expressed as a direct derivation from a seed
(some cases, such as Sr25519 derivations with path components, cannot).
This takes a helper function to do the key generation from a phrase, password and junction iterator.
- If
s
is a possibly0x
prefixed 64-digit hex string, then it will be interpreted directly as aMiniSecretKey
(aka “seed” insubkey
). - If
s
is a valid BIP-39 key phrase of 12, 15, 18, 21 or 24 words, then the key will be derived from it. In this case:- the phrase may be followed by one or more items delimited by
/
characters. - the path may be followed by
///
, in which case everything after the///
is treated as a password.
- the phrase may be followed by one or more items delimited by
- If
s
begins with a/
character it is prefixed with the Substrate publicDEV_PHRASE
and interpreted as above.
In this case they are interpreted as HDKD junctions; purely numeric items are interpreted as
integers, non-numeric items as strings. Junctions prefixed with /
are interpreted as soft
junctions, and with //
as hard junctions.
There is no correspondence mapping between SURI strings and the keys they represent.
Two different non-identical strings can actually lead to the same secret being derived.
Notably, integer junction indices may be legally prefixed with arbitrary number of zeros.
Similarly an empty password (ending the SURI with ///
) is perfectly valid and will
generally be equivalent to no password at all.
None
is returned if no matches are found.
fn from_string(
s: &str,
password_override: Option<&str>
) -> Result<Self, SecretStringError>
fn from_string(
s: &str,
password_override: Option<&str>
) -> Result<Self, SecretStringError>
Interprets the string s
in order to generate a key pair.
See from_string_with_seed
for more extensive documentation.