Overview
The @icp-sdk/core/identity/secp256k1 module provides an implementation of the SignIdentity interface for the secp256k1 elliptic curve. It allows you to create and manage key pairs for signing and verification of messages.
Here’s an example of how to use the Secp256k1KeyIdentity class to generate a new key pair and sign and verify a message:
import { Secp256k1KeyIdentity } from '@icp-sdk/core/identity/secp256k1';
// Generate a new key pairconst identity = Secp256k1KeyIdentity.generate();
// Sign a messageconst message = 'Hello, world!';const signature = identity.sign(message);
// Verify the signatureconst isValid = identity.verify(message, signature);
console.log(`Signature is ${isValid ? 'valid' : 'invalid'}`);You can also use a seed to generate deterministic key pairs:
import { Secp256k1KeyIdentity } from '@icp-sdk/core/identity/secp256k1';
const seed = Buffer.from('my-secret-seed', 'utf8');const identity = Secp256k1KeyIdentity.generate(seed);The Secp256k1KeyIdentity class also provides methods for converting the key pair to and from JSON-serializable objects:
import { Secp256k1KeyIdentity } from '@icp-sdk/core/identity/secp256k1';
// Generate a new key pairconst identity = Secp256k1KeyIdentity.generate();
// Convert the key pair to a JSON-serializable objectconst json = identity.toJson();
// Convert the JSON-serializable object back to a key pairconst restoredIdentity = Secp256k1KeyIdentity.fromJson(json);Classes
Section titled “Classes”Secp256k1KeyIdentity
Section titled “Secp256k1KeyIdentity”Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:108
An Identity that can sign blobs.
Extends
Section titled “Extends”Constructors
Section titled “Constructors”Constructor
Section titled “Constructor”
protectednew Secp256k1KeyIdentity(publicKey,_privateKey):Secp256k1KeyIdentity
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:229
Parameters
Section titled “Parameters”publicKey
Section titled “publicKey”_privateKey
Section titled “_privateKey”Uint8Array
Returns
Section titled “Returns”Overrides
Section titled “Overrides”Properties
Section titled “Properties”_principal
Section titled “_principal”
protected_principal:Principal|undefined
Defined in: packages/core/src/agent/auth.ts:58
Inherited from
Section titled “Inherited from”_privateKey
Section titled “_privateKey”
protected_privateKey:Uint8Array
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:231
_publicKey
Section titled “_publicKey”_publicKey:
Secp256k1PublicKey
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:227
Methods
Section titled “Methods”getKeyPair()
Section titled “getKeyPair()”getKeyPair():
KeyPair
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:249
Return a copy of the key pair.
Returns
Section titled “Returns”KeyPair
getPrincipal()
Section titled “getPrincipal()”getPrincipal():
Principal
Defined in: packages/core/src/agent/auth.ts:74
Get the principal represented by this identity. Normally should be a
Principal.selfAuthenticating().
Returns
Section titled “Returns”Inherited from
Section titled “Inherited from”getPublicKey()
Section titled “getPublicKey()”getPublicKey():
Required<PublicKey>
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:260
Return the public key.
Returns
Section titled “Returns”Required<PublicKey>
Required
Overrides
Section titled “Overrides”sign()
Section titled “sign()”sign(
data):Promise<Signature>
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:269
Signs a blob of data, with this identity’s private key.
Parameters
Section titled “Parameters”Uint8Array
bytes to hash and sign with this identity’s secretKey, producing a signature
Returns
Section titled “Returns”Promise<Signature>
signature
Overrides
Section titled “Overrides”toJSON()
Section titled “toJSON()”toJSON():
JsonableSecp256k1Identity
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:241
Serialize this key to JSON-serializable object.
Returns
Section titled “Returns”JsonableSecp256k1Identity
transformRequest()
Section titled “transformRequest()”transformRequest(
request):Promise<unknown>
Defined in: packages/core/src/agent/auth.ts:87
Transform a request into a signed version of the request. This is done last after the transforms on the body of a request. The returned object can be anything, but must be serializable to CBOR.
Parameters
Section titled “Parameters”request
Section titled “request”internet computer request to transform
Returns
Section titled “Returns”Promise<unknown>
Inherited from
Section titled “Inherited from”fromJSON()
Section titled “fromJSON()”
staticfromJSON(json):Secp256k1KeyIdentity
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:151
Parameters
Section titled “Parameters”string
Returns
Section titled “Returns”fromKeyPair()
Section titled “fromKeyPair()”
staticfromKeyPair(publicKey,privateKey):Secp256k1KeyIdentity
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:168
generates an identity from a public and private key. Please ensure that you are generating these keys securely and protect the user’s private key
Parameters
Section titled “Parameters”publicKey
Section titled “publicKey”Uint8Array
Uint8Array
privateKey
Section titled “privateKey”Uint8Array
Uint8Array
Returns
Section titled “Returns”Secp256k1KeyIdentity
fromParsedJson()
Section titled “fromParsedJson()”
staticfromParsedJson(obj):Secp256k1KeyIdentity
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:143
Parameters
Section titled “Parameters”Returns
Section titled “Returns”fromPem()
Section titled “fromPem()”
staticfromPem(pemKey):Secp256k1KeyIdentity
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:222
Utility method to create a Secp256k1KeyIdentity from a PEM-encoded key.
Parameters
Section titled “Parameters”pemKey
Section titled “pemKey”string
PEM-encoded key as a string
Returns
Section titled “Returns”- Secp256k1KeyIdentity
fromSecretKey()
Section titled “fromSecretKey()”
staticfromSecretKey(secretKey):Secp256k1KeyIdentity
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:177
generates an identity from an existing secret key, and is the correct method to generate an identity from a seed phrase. Please ensure you protect the user’s private key.
Parameters
Section titled “Parameters”secretKey
Section titled “secretKey”Uint8Array
Uint8Array
Returns
Section titled “Returns”- Secp256k1KeyIdentity
fromSeedPhrase()
Section titled “fromSeedPhrase()”
staticfromSeedPhrase(seedPhrase,password?):Secp256k1KeyIdentity
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:189
Generates an identity from a seed phrase. Use carefully - seed phrases should only be used in secure contexts, and you should avoid having users copying and pasting seed phrases as much as possible.
Parameters
Section titled “Parameters”seedPhrase
Section titled “seedPhrase”string | string[]
either an array of words or a string of words separated by spaces.
password?
Section titled “password?”string
optional password to be used by bip39
Returns
Section titled “Returns”Secp256k1KeyIdentity
generate()
Section titled “generate()”
staticgenerate(seed?):Secp256k1KeyIdentity
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:117
Generates an identity. If a seed is provided, the keys are generated from the seed according to BIP 0032. Otherwise, the key pair is randomly generated. This method throws an error in case the seed is not 32 bytes long or invalid for use as a private key.
Parameters
Section titled “Parameters”Uint8Array<ArrayBufferLike>
the optional seed
Returns
Section titled “Returns”Secp256k1KeyIdentity
Secp256k1PublicKey
Section titled “Secp256k1PublicKey”Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:27
A Public Key implementation.
Implements
Section titled “Implements”Accessors
Section titled “Accessors”derKey
Section titled “derKey”Get Signature
Section titled “Get Signature”get derKey():
DerEncodedPublicKey
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:89
Returns
Section titled “Returns”Implementation of
Section titled “Implementation of”rawKey
Section titled “rawKey”Get Signature
Section titled “Get Signature”get rawKey():
Uint8Array
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:83
Returns
Section titled “Returns”Uint8Array
Implementation of
Section titled “Implementation of”Methods
Section titled “Methods”toDer()
Section titled “toDer()”toDer():
DerEncodedPublicKey
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:99
Returns
Section titled “Returns”Implementation of
Section titled “Implementation of”toRaw()
Section titled “toRaw()”toRaw():
Uint8Array
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:103
Returns
Section titled “Returns”Uint8Array
Implementation of
Section titled “Implementation of”from()
Section titled “from()”
staticfrom(maybeKey):Secp256k1PublicKey
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:41
Construct Secp256k1PublicKey from an existing PublicKey
Parameters
Section titled “Parameters”maybeKey
Section titled “maybeKey”unknown
existing PublicKey, ArrayBuffer, DerEncodedPublicKey, or hex string
Returns
Section titled “Returns”Instance of Secp256k1PublicKey
fromDer()
Section titled “fromDer()”
staticfromDer(derKey):Secp256k1PublicKey
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:32
Parameters
Section titled “Parameters”derKey
Section titled “derKey”Returns
Section titled “Returns”fromRaw()
Section titled “fromRaw()”
staticfromRaw(rawKey):Secp256k1PublicKey
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:28
Parameters
Section titled “Parameters”rawKey
Section titled “rawKey”Uint8Array
Returns
Section titled “Returns”Type Aliases
Section titled “Type Aliases”JsonableSecp256k1Identity
Section titled “JsonableSecp256k1Identity”JsonableSecp256k1Identity = [
PublicKeyHex,SecretKeyHex]
Defined in: packages/core/src/identity/secp256k1/secp256k1.ts:19