Struct DefaultSigner

pub struct DefaultSigner {
    pub nonce_commitments: Arc<RwLock<HashbrownMap<String, String>>>,
    pub public_keys_to_secret_keys: Arc<RwLock<HashbrownMap<PublicKey, SecretKey>>>,
    pub network: SparkNetwork,
    /* private fields */
}

A default, in-memory signer for Spark v1. Depending on the feature flags, it may store either a master seed (for self-signing) or remote wallet connection details (for third-party signing).

• If the self-signing feature is enabled, this signer keeps a master_seed and derives keypairs to carry out signing operations.
• If the self-signing feature is not enabled, this signer relies on a remote wallet by storing a connection URL and an API key.
• Keys are held in memory and not persisted unless a future update is made to store them to disk.
• Nonce commitments for each signing round remain ephemeral in memory, which is typically sufficient for short-lived signing sessions.

Fields

nonce_commitments: Arc<RwLock<HashbrownMap<String, String>>>

A map of references to nonce commitments, stored as strings. These are used per signing round and can remain in memory until the round completes.

public_keys_to_secret_keys: Arc<RwLock<HashbrownMap<PublicKey, SecretKey>>>

A map from public keys to secret keys, stored in memory only. This is necessary for self-signing or for local caching if not using remote keys.

network: SparkNetwork

The network that the signer is operating on.

Trait Implementations

impl Clone for DefaultSigner

fn clone(&self) -> DefaultSigner

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl SparkSigner for DefaultSigner

fn from_mnemonic<'life0, 'async_trait>( mnemonic: &'life0 str, network: SparkNetwork, ) -> Pin<Box<dyn Future<Output = Result<Self::WrappedSigner, SparkSdkError>> + Send + 'async_trait>>

where Self: 'async_trait, 'life0: 'async_trait,

Creates a new wallet from a mnemonic (BIP-39).

• Converts the mnemonic to a 64-byte seed
• Calls from_seed to do the rest

type WrappedSigner = Arc<DefaultSigner>

The constructed signer type, wrapped in an Arc<parking_lot::RwLock<>>

fn from_master_seed<'life0, 'async_trait>( master_seed: &'life0 [u8], network: SparkNetwork, ) -> Pin<Box<dyn Future<Output = Result<Self::WrappedSigner, SparkSdkError>> + Send + 'async_trait>>

where Self: 'async_trait, 'life0: 'async_trait,

Creates a new signer instance from a seed.

impl SparkSignerDerivationPath for DefaultSigner

fn get_deposit_signing_key( &self, network: Network, ) -> Result<PublicKey, SparkSdkError>

Derives the deposit signing key for the user. In Spark, currently users always have a single deposit key, derived deterministically from their seed.

fn derive_spark_key( leaf_id: Option<String>, account: u32, seed_bytes: &[u8], key_type: SparkKeyType, network: Network, ) -> Result<SecretKey, SparkSdkError>

Derives a Spark key for the specified key type, account, and optionally leaf ID. If the leaf ID is not provided, the function uses the identity.

fn get_identity_derivation_path( account_index: u32, ) -> Result<SparkDerivationPath, SparkSdkError>

Returns the derivation path for the identity key.

impl SparkSignerEcdsa for DefaultSigner

fn sign_message_ecdsa_with_identity_key<T: AsRef<[u8]>>( &self, message: T, apply_hashing: bool, network: Network, ) -> Result<Signature, SparkSdkError>

Signs a message using the identity private key. The identity key is the first derived key from the master seed (using child index 0).

fn sign_message_ecdsa_with_key<T: AsRef<[u8]>>( &self, message: T, public_key_for_signing_key: &PublicKey, apply_hashing: bool, ) -> Result<Signature, SparkSdkError>

Signs a message using a provided public key.

impl SparkSignerEcies for DefaultSigner

fn encrypt_secret_key_with_ecies( &self, receiver_public_key: &PublicKey, pubkey_for_sk_to_encrypt: &PublicKey, ) -> Result<Vec<u8>, SparkSdkError>

Encrypts a secret key using the ECIES algorithm.

fn decrypt_secret_key_with_ecies<T>( &self, ciphertext: T, network: Network, ) -> Result<SecretKey, SparkSdkError>

where T: AsRef<[u8]>,

Decrypts a secret key using the ECIES algorithm.

impl SparkSignerFrost for DefaultSigner

fn new_frost_signing_noncepair( &self, ) -> Result<FrostSigningCommitments, SparkSdkError>

Generates a (commitments, nonces) pair for a FROST signing round. Stores the pair in the signer space.

fn sensitive_expose_nonces_from_commitments<T>( &self, signing_commitments: &T, ) -> Result<FrostSigningNonces, SparkSdkError>

where T: AsRef<[u8]>,

Exposes the nonces from the commitments. This is a highly sensitive operation from a security perspective because it reveals confidential material. Use it only when absolutely necessary, and handle the returned nonces with caution.

fn sensitive_create_if_not_found_expose_nonces_from_commitments( &self, signing_commitments: Option<&[u8]>, ) -> Result<FrostSigningNonces, SparkSdkError>

Same as sensitive_expose_nonces_from_commitments, but if the commitments are not found, it generates them.

impl SparkSignerFrostSigning for DefaultSigner

fn sign_frost( &self, signing_jobs: Vec<FrostSigningJob>, ) -> Result<SignFrostResponse, SparkSdkError>

Signs a message using FROST threshold signature scheme

fn aggregate_frost( &self, request: AggregateFrostRequest, ) -> Result<AggregateFrostResponse, SparkSdkError>

Aggregates multiple FROST signature shares into a complete signature

fn sign_created_tree_in_bfs_order( &self, tx: Transaction, vout: u32, internal_tree_root: Arc<RwLock<DepositAddressTree>>, request_tree_root: CreationNode, creation_result_tree_root: CreationResponseNode, ) -> Result<(Vec<NodeSignatures>, Vec<Vec<u8>>), SparkSdkError>

fn sign_transfer_refunds( &self, leaf_data_map: &HashMap<String, LeafRefundSigningData>, operator_signing_results: &Vec<LeafRefundTxSigningResult>, adaptor_public_key: Vec<u8>, ) -> Result<Vec<NodeSignatures>, SparkSdkError>

fn sign_for_lightning_swap( &self, leaves: &Vec<LeafKeyTweak>, signing_commitments: &Vec<RequestedSigningCommitments>, receiver_identity_pubkey: PublicKey, ) -> Result<(SignFrostResponse, Vec<Vec<u8>>, Vec<ProtoSigningCommitments>), SparkSdkError>

fn sign_root_creation( &self, signing_pubkey_bytes: Vec<u8>, verifying_pubkey_bytes: Vec<u8>, _root_tx_bytes: Vec<u8>, _refund_tx_bytes: Vec<u8>, root_tx_sighash: Vec<u8>, refund_tx_sighash: Vec<u8>, root_nonce_commitment: FrostSigningCommitments, refund_nonce_commitment: FrostSigningCommitments, tree_creation_response: StartTreeCreationResponse, ) -> Result<Vec<Vec<u8>>, SparkSdkError>

fn sign_frost_new( &self, message: Vec<u8>, private_as_pubkey: Vec<u8>, verifying_key: Vec<u8>, self_commitment: FrostSigningCommitments, spark_commitments: HashMap<String, SigningCommitment>, adaptor_public_key: Option<Vec<u8>>, ) -> Result<Vec<u8>, SparkSdkError>

impl SparkSignerSecp256k1 for DefaultSigner

fn get_identity_public_key( &self, account_index: u32, network: Network, ) -> Result<PublicKey, SparkSdkError>

Returns the identity public key of the signer. Identity keypair in Spark is the first derived key from the master seed (using child index 0).

fn new_secp256k1_keypair( &self, leaf_id: String, key_type: SparkKeyType, account_index: u32, network: Network, ) -> Result<PublicKey, SparkSdkError>

Generates a random secp256k1 keypair and persists it in the signer space. The returned public key is returned in a 33-byte array of Vec<u8>.

fn insert_secp256k1_keypair_from_secret_key( &self, secret_key: &SecretKey, ) -> Result<PublicKey, SparkSdkError>

Inserts a keypair into the signer by providing the private key. The function derives the public key from the private key and persists it in the signer space.

fn new_ephemeral_keypair(&self) -> Result<PublicKey, SparkSdkError>

fn subtract_secret_keys_given_pubkeys( &self, target_pubkey: &PublicKey, source_pubkey: &PublicKey, save_new_key: bool, ) -> Result<PublicKey, SparkSdkError>

Subtracts the source secret key from a target secret key to get a new secret key. Returns the public key of the new secret key.

fn sensitive_expose_secret_key_from_pubkey( &self, public_key: &PublicKey, delete_after_exposing: bool, ) -> Result<SecretKey, SparkSdkError>

Exposes the secret key for a given public key. This is a highly sensitive operation from a security perspective because it reveals confidential material. Use it only when absolutely necessary, and handle the returned secret key with caution.

fn expose_leaf_secret_key_for_transfer( &self, leaf_id: String, key_type: SparkKeyType, account_index: u32, network: Network, ) -> Result<SecretKey, SparkSdkError>

impl SparkSignerShamir for DefaultSigner

fn split_with_verifiable_secret_sharing( &self, message: Vec<u8>, threshold: usize, num_shares: usize, ) -> Result<Vec<VerifiableSecretShare>, SparkSdkError>

fn split_from_public_key_with_verifiable_secret_sharing( &self, public_key: &PublicKey, threshold: usize, num_shares: usize, ) -> Result<Vec<VerifiableSecretShare>, SparkSdkError>