Sign a Message
After storing a private key in Nillion, anyone with permissions can use SecretSigner to sign messages or transactions with it. During signing:
- The message to be signed and key's store id are provided
- The message is hashed before being sent to the network
- SecretSigner creates an ECDSA signature using the stored key shares
- The signature is returned for use with other applications
When signing a message, only the message hash is sent to the network - the original message stays private.
Usage
- Python Client
- TypeScript Client
Python Client
Install Nillion Python Client
pip install nillion-client
Python Client: Sign a Message
- signWithStoredPrivateKey.py
- nillion_config.py
- nillion_constants.py
- .env
nilvm/secretsigner-python/signWithStoredPrivateKey.py
loading...
nilvm/secretsigner-python/nillion_config.py
loading...
nilvm/secretsigner-python/nillion_signature_constants.py
loading...
nilvm/secretsigner-python/.env.example
loading...
TypeScript Client
Install Nillion TypeScript Client
npm i @nillion/client-wasm @nillion/client-vms
TypeScript Client: Sign a Message
- signWithStoredPrivateKey.js
- nillionNetworkConfig.js
- nillionSignatureConstants.js
- .env
nilvm/secretsigner-nodejs/signWithStoredPrivateKey.js
loading...
nilvm/secretsigner-nodejs/nillionNetworkConfig.js
loading...
nilvm/secretsigner-nodejs/nillionSignatureConstants.js
loading...
nilvm/secretsigner-nodejs/.env.example
loading...
Signature Verification
Anyone can verify the signature using the same message hash and the public key that corresponds to the private key stored in Nillion. During verification:
- Use the signature (r, s) values returned from SecretSigner
tecdsa_signatureoutput - Hash the message using SHA-256
- Verify using any standard ECDSA verification library
Since SecretSigner returns standard ECDSA signatures, verification works just like it would for any other ECDSA signature.