Skip to main content

KeyPair

falcon_multisig::keypair

Struct KeyPair 

Source 
pub struct KeyPair { /* private fields */ }
Expand description

A Falcon-512 keypair with a zeroizing secret key.

The secret key bytes are zeroed in memory when the KeyPair is dropped, using zeroize.

§Serialization

When the serde feature is enabled, KeyPair serializes only the public key. The secret key is never written to any serialized form; this is intentional. To persist a secret key, use KeyPair::secret_key_bytes and store the bytes in an encrypted wallet or HSM.

§Thread Safety

KeyPair is Send but not Sync because the underlying FrSecretKey does not implement Sync. Wrap in a Mutex for shared use across threads.

Implementations§

Source§

impl KeyPair

Source

pub fn generate() -> Self

Generate a new Falcon-512 keypair using the OS random number generator.

Keygen is computationally expensive (~10 ms on a typical server CPU). Pre-generate keys and cache them when throughput matters.

Source

pub fn from_bytes(sk_bytes: &[u8], pk_bytes: &[u8]) -> Result<Self, Error>

Reconstruct a KeyPair from raw secret key and public key bytes.

Both inputs are validated for length. The public key is not mathematically verified against the secret key — callers are responsible for ensuring the pair is consistent.

Source

pub fn public_key(&self) -> &PublicKey

Return a reference to the public key.

Source

pub fn secret_key_bytes(&self) -> &[u8]

Return the raw secret key bytes.

Handle the returned slice with care. Do not log, serialize, or store it in plaintext. Prefer storing in an encrypted wallet.

Source

pub fn sign(&self, message: &[u8]) -> Vec<u8>

Sign a message with this keypair.

Internally, the function computes:

digest = SHA3-256(FALCON_MULTISIG_V1: || message)
signature = Falcon512::sign(digest, secret_key)

The returned bytes are the raw Falcon-512 signature (variable length, up to [SIGNATURE_MAX_BYTES] bytes). The digest is not appended; callers hold the message and recompute the digest during verification.

§Errors

Returns Error::InvalidPublicKeyLength if the stored key is somehow malformed (should never occur for keys produced by KeyPair::generate).

Source

pub fn address(&self) -> SingleKeyAddress

Derive the canonical single-key address from this keypair.

Source

pub fn verify_own_signature( &self, message: &[u8], signature: &[u8], ) -> Result<bool, Error>

Verify that a raw signature was produced by this keypair’s secret key over the given message.

Trait Implementations§

Source§

impl Debug for KeyPair

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Serialize for KeyPair

Available on crate feature serde only.
Source§

fn serialize<S: Serializer>(&self, serializer: S) -> Result<S::Ok, S::Error>

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V