Skip to main content

Sign

Signing produces a threshold signature over a message hash using the device's keyshare and the server's keyshare. The full private key is never reconstructed — and each party must contribute its share to the MPC protocol in order to produce valid signature.

For the SDK contract see Sign (Kotlin) and Sign (Swift).

How the example does it

vault/.../session/VaultSessionManager.kt
suspend fun sign(keyId: String, message: ByteArray, derivationPath: String): ByteArray {
val dao = readDao(keyId)
val signature = sessionFor(dao.keyType)
.sign(keyId, message.toHex(), derivationPath)
.getOrThrow()
return signature
}

The example reads the stored record via readDao(keyId) / loadRecord(keyId:) only to resolve the keyType for session dispatch — the keyshare bytes are no longer loaded for signing (the SDK reads them internally by keyId). That record is the storage client's VaultReconcileStoreDao / VaultReconcileRecord wrapper, and the keyType on it is how the example knows which session (ECDSA or EdDSA) to dispatch to.

The message parameter is the transaction hash (hex-encoded). The derivationPath is "m" in this example (the root BIP-32 path). For child key derivation see BIP-32.

Send tokensTransaction submitted