pub struct SigningKey(/* private fields */);
An Ed25519 signing key. Private bytes are zeroed on drop.
Implementations
impl SigningKey
pub fn from_bytes(bytes: &[u8; 32]) -> Self
Construct from a 32-byte raw private key seed.
pub fn from_slice(bytes: &[u8]) -> Result<Self, AcdpError>
Try to construct from a slice. Returns an error if the length is wrong.
pub fn generate() -> Self
Generate a fresh Ed25519 key pair using the operating system RNG.
Recommended for production callers; from_bytes is for loading
previously-stored key material. Do not persist the raw 32-byte
seed in cleartext — use a key vault or HSM.
pub fn sign_content_hash(&self, hash: &ContentHash) -> String
Sign the ASCII bytes of the full content_hash string per §5.8.
Returns the signature as standard base64 (88 chars including padding for Ed25519).
pub fn verifying_key_bytes(&self) -> [u8; 32]
Raw public key bytes (32 bytes).
pub fn seed_bytes(&self) -> [u8; 32]
Return the 32-byte raw private-key seed.
Used by language bindings that need to store the key across
FFI calls (the FFI surface holds a [u8; 32] and reconstructs
the SigningKey per call, since SigningKey is
ZeroizeOnDrop and not Clone).
The seed is private-key material — treat it as a secret and
route persistence through a key vault or HSM. The round-trip
SigningKey::from_bytes(&key.seed_bytes()) reconstructs an
identical signing key.
pub fn sign_string(&self, input: &str) -> String
Sign the UTF-8 bytes of an arbitrary string. Returns the signature as standard base64 (88 chars including padding).
Distinct from Self::sign_content_hash, which signs the
ASCII bytes of the "sha256:<hex>" content_hash envelope per
RFC-ACDP-0001 §5.8. Use this method when the protocol’s signing
input is not a ContentHash value — most notably the ACDP
registry’s bearer-token challenge flow, whose signing input is
the namespaced ASCII string
"acdp-registry-auth:v1:{nonce}:{agent_id}:{authority}:{expires_at}".
The registry verifies with
crate::verify::verify_ed25519(&pub_bytes, &sig, &input).
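Both sign_content_hash and sign_string return an 88-character standard-base64 string. The following is an added example, not part of this crate, of a strict shape check a receiver could apply to such a string before verification; decode_sig is a hypothetical helper, the sample input is constructed, and only the standard library is used.

```rust
// Added example, std-only. `decode_sig` is a hypothetical helper, not crate API.
const ALPHABET: &[u8; 64] =
    b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/// Map one standard-alphabet base64 character to its 6-bit value.
fn sextet(c: u8) -> Result<u32, &'static str> {
    ALPHABET.iter().position(|&a| a == c).map(|p| p as u32)
        .ok_or("character outside the standard base64 alphabet")
}

/// Strictly decode a 64-byte Ed25519 signature from padded standard base64.
/// 64 bytes encode to 86 data characters followed by "==" (88 in total).
pub fn decode_sig(s: &str) -> Result<[u8; 64], &'static str> {
    let b = s.as_bytes();
    if b.len() != 88 {
        return Err("signature must be exactly 88 characters");
    }
    if !s.ends_with("==") {
        return Err("signature must end with two padding characters");
    }
    let mut out = [0u8; 64];
    // The first 84 characters are 21 full groups of 4, giving 63 bytes.
    for (i, quad) in b[..84].chunks(4).enumerate() {
        let mut v = 0u32;
        for &c in quad {
            v = (v << 6) | sextet(c)?;
        }
        out[i * 3] = (v >> 16) as u8;
        out[i * 3 + 1] = (v >> 8) as u8;
        out[i * 3 + 2] = v as u8;
    }
    // The last two data characters carry 8 data bits plus 4 unused bits.
    let (hi, lo) = (sextet(b[84])?, sextet(b[85])?);
    // Reject set unused bits so that each signature has exactly one
    // accepted string form (no encoding-level malleability).
    if lo & 0x0f != 0 {
        return Err("non-canonical encoding: unused trailing bits are set");
    }
    out[63] = ((hi << 2) | (lo >> 4)) as u8;
    Ok(out)
}

fn main() {
    // Constructed sample: 64 zero bytes encode to 86 'A' characters plus "==".
    let sample = format!("{}==", "A".repeat(86));
    println!("{:?}", decode_sig(&sample).map(|sig| sig.len()));
}
```

This checks only the shape of the string; the decoded bytes still have to pass Ed25519 verification against the expected public key and signing input.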