pub trait Pair: Sized + CryptoType {
type Public: Public + Hash;
type Seed: Default + AsRef<[u8]> + AsMut<[u8]> + Clone;
type Signature: Signature;
// Required methods
fn derive<Iter>(
&self,
path: Iter,
seed: Option<Self::Seed>,
) -> Result<(Self, Option<Self::Seed>), DeriveError>
where Iter: Iterator<Item = DeriveJunction>;
fn from_seed_slice(seed: &[u8]) -> Result<Self, SecretStringError>;
fn sign(&self, message: &[u8]) -> Self::Signature;
fn verify<M>(
sig: &Self::Signature,
message: M,
pubkey: &Self::Public,
) -> bool
where M: AsRef<[u8]>;
fn public(&self) -> Self::Public;
fn to_raw_vec(&self) -> Vec<u8> ⓘ;
// Provided methods
fn generate() -> (Self, Self::Seed) { ... }
fn generate_with_phrase(
password: Option<&str>,
) -> (Self, String, Self::Seed) { ... }
fn from_phrase(
phrase: &str,
password: Option<&str>,
) -> Result<(Self, Self::Seed), SecretStringError> { ... }
fn from_seed(seed: &Self::Seed) -> Self { ... }
fn from_string_with_seed(
s: &str,
password_override: Option<&str>,
) -> Result<(Self, Option<Self::Seed>), SecretStringError> { ... }
fn from_string(
s: &str,
password_override: Option<&str>,
) -> Result<Self, SecretStringError> { ... }
}Expand description
Trait suitable for typical cryptographic PKI key pair type.
For now it just specifies how to create a key from a phrase and derivation path.
Required Associated Types§
Required Methods§
fn derive<Iter>(
&self,
path: Iter,
seed: Option<Self::Seed>,
) -> Result<(Self, Option<Self::Seed>), DeriveError>where
Iter: Iterator<Item = DeriveJunction>,
fn derive<Iter>(
&self,
path: Iter,
seed: Option<Self::Seed>,
) -> Result<(Self, Option<Self::Seed>), DeriveError>where
Iter: Iterator<Item = DeriveJunction>,
Derive a child key from a series of given junctions.
fn from_seed_slice(seed: &[u8]) -> Result<Self, SecretStringError>
fn from_seed_slice(seed: &[u8]) -> Result<Self, SecretStringError>
Make a new key pair from secret seed material. The slice must be the correct size or an error will be returned.
@WARNING: THIS WILL ONLY BE SECURE IF THE seed IS SECURE. If it can be guessed
by an attacker then they can also derive your key.
fn verify<M>(sig: &Self::Signature, message: M, pubkey: &Self::Public) -> bool
fn verify<M>(sig: &Self::Signature, message: M, pubkey: &Self::Public) -> bool
Verify a signature on a message. Returns true if the signature is good.
fn to_raw_vec(&self) -> Vec<u8> ⓘ
fn to_raw_vec(&self) -> Vec<u8> ⓘ
Return a vec filled with raw data.
Provided Methods§
fn generate() -> (Self, Self::Seed)
fn generate() -> (Self, Self::Seed)
Generate new secure (random) key pair.
This is only for ephemeral keys really, since you won’t have access to the secret key
for storage. If you want a persistent key pair, use generate_with_phrase instead.
fn generate_with_phrase(password: Option<&str>) -> (Self, String, Self::Seed)
fn generate_with_phrase(password: Option<&str>) -> (Self, String, Self::Seed)
Generate new secure (random) key pair and provide the recovery phrase.
You can recover the same key later with from_phrase.
This is generally slower than generate(), so prefer that unless you need to persist
the key from the current session.
fn from_phrase(
phrase: &str,
password: Option<&str>,
) -> Result<(Self, Self::Seed), SecretStringError>
fn from_phrase( phrase: &str, password: Option<&str>, ) -> Result<(Self, Self::Seed), SecretStringError>
Returns the KeyPair from the English BIP39 seed phrase, or an error if it’s invalid.
fn from_seed(seed: &Self::Seed) -> Self
fn from_seed(seed: &Self::Seed) -> Self
Generate new key pair from the provided seed.
@WARNING: THIS WILL ONLY BE SECURE IF THE seed IS SECURE. If it can be guessed
by an attacker then they can also derive your key.
fn from_string_with_seed(
s: &str,
password_override: Option<&str>,
) -> Result<(Self, Option<Self::Seed>), SecretStringError>
fn from_string_with_seed( s: &str, password_override: Option<&str>, ) -> Result<(Self, Option<Self::Seed>), SecretStringError>
Interprets the string s in order to generate a key Pair. Returns both the pair and an
optional seed, in the case that the pair can be expressed as a direct derivation from a seed
(some cases, such as Sr25519 derivations with path components, cannot).
This takes a helper function to do the key generation from a phrase, password and junction iterator.
- If
sis a possibly0xprefixed 64-digit hex string, then it will be interpreted directly as aMiniSecretKey(aka “seed” insubkey). - If
sis a valid BIP-39 key phrase of 12, 15, 18, 21 or 24 words, then the key will be derived from it. In this case:- the phrase may be followed by one or more items delimited by
/characters. - the path may be followed by
///, in which case everything after the///is treated as a password.
- the phrase may be followed by one or more items delimited by
- If
sbegins with a/character it is prefixed with the Substrate publicDEV_PHRASEand interpreted as above.
In this case they are interpreted as HDKD junctions; purely numeric items are interpreted as
integers, non-numeric items as strings. Junctions prefixed with / are interpreted as soft
junctions, and with // as hard junctions.
There is no correspondence mapping between SURI strings and the keys they represent.
Two different non-identical strings can actually lead to the same secret being derived.
Notably, integer junction indices may be legally prefixed with arbitrary number of zeros.
Similarly an empty password (ending the SURI with ///) is perfectly valid and will
generally be equivalent to no password at all.
fn from_string(
s: &str,
password_override: Option<&str>,
) -> Result<Self, SecretStringError>
fn from_string( s: &str, password_override: Option<&str>, ) -> Result<Self, SecretStringError>
Interprets the string s in order to generate a key pair.
See from_string_with_seed for more extensive documentation.