spark_rust/signer/traits/

secp256k1.rs

//! # Secp256k1 Keypair Management for Spark Wallet
//!
//! This module defines the trait for managing secp256k1 keypairs in the Spark wallet.
//! Secp256k1 is the elliptic curve used by Bitcoin, and this module provides methods
//! for generating, storing, retrieving, and manipulating secp256k1 keypairs.
//!
//! The Spark wallet uses several types of keypairs:
//! - Identity keypairs for wallet identification and authentication
//! - Leaf keypairs for individual UTXOs (leaves) in the wallet
//! - Ephemeral keypairs for one-time operations like key exchange
//!
//! Proper keypair management is critical to the security of the wallet, as these
//! keys control access to funds and provide cryptographic identity.

use bitcoin::{
    secp256k1::{PublicKey, SecretKey},
    Network,
};

use crate::error::SparkSdkError;

/// Trait for managing secp256k1 keypairs in the Spark wallet.
///
/// This trait provides methods for generating, retrieving, and manipulating
/// secp256k1 keypairs used throughout the Spark wallet. These keypairs are
/// fundamental to various cryptographic operations including:
///
/// - Wallet identification (via the identity key)
/// - Signing Bitcoin transactions
/// - Secure key exchange during transfers
/// - FROST threshold signing (in conjunction with the FROST traits)
///
/// The implementation must ensure that:
/// - Private keys are securely stored and never exposed unnecessarily
/// - Keys are properly derived according to Spark's derivation scheme
/// - Operations that expose secret key material are used with caution
pub trait SparkSignerSecp256k1 {
    /// Returns the identity public key of the signer.
    ///
    /// The identity keypair in Spark is the first derived key from the master seed
    /// (using child index 0). This key serves as the cryptographic identity of the
    /// wallet and is used for authentication and secure communication between wallets.
    ///
    /// # Arguments
    /// * `account_index` - The account index to use for the keypair.
    /// * `network` - The network to use for the keypair (affects derivation path).
    ///
    /// # Returns
    /// * `Ok(PublicKey)` - The identity public key of the signer
    /// * `Err(SparkSdkError)` - If key retrieval fails
    ///
    /// # Example
    /// ```
    /// # use bitcoin::Network;
    /// # use spark_rust::error::SparkSdkError;
    /// # use spark_rust::signer::traits::secp256k1::SparkSignerSecp256k1;
    /// # fn example(signer: &impl SparkSignerSecp256k1) -> Result<(), SparkSdkError> {
    ///     let identity_pubkey = signer.get_identity_public_key(0, Network::Bitcoin)?;
    ///     // Use identity_pubkey for wallet identification
    /// #   Ok(())
    /// # }
    /// ```
    fn get_identity_public_key(
        &self,
        account_index: u32,
        network: Network,
    ) -> Result<PublicKey, SparkSdkError>;

    /// Inserts a keypair into the signer by providing the private key.
    ///
    /// This method derives the public key from the provided private key and
    /// persists both in the signer's state. It is primarily used during the
    /// transfer flow, when the receiver needs to store a secret key received
    /// from the sender.
    ///
    /// # Arguments
    /// * `secret_key` - The secret key to insert
    ///
    /// # Returns
    /// * `Ok(PublicKey)` - The public key derived from the inserted secret key
    /// * `Err(SparkSdkError)` - If key insertion fails
    ///
    /// # Example
    /// ```
    /// # use bitcoin::secp256k1::SecretKey;
    /// # use spark_rust::error::SparkSdkError;
    /// # use spark_rust::signer::traits::secp256k1::SparkSignerSecp256k1;
    ///
    /// # fn example(signer: &impl SparkSignerSecp256k1, secret_key: SecretKey) -> Result<(), SparkSdkError> {
    ///     // During transfer flow, when receiver gets a secret key from sender
    ///     let public_key = signer.insert_secp256k1_keypair_from_secret_key(&secret_key)?;
    ///
    /// #   Ok(())
    /// # }
    /// ```
    fn insert_secp256k1_keypair_from_secret_key(
        &self,
        secret_key: &SecretKey,
    ) -> Result<PublicKey, SparkSdkError>;

    /// Generates a new ephemeral keypair for one-time use.
    ///
    /// Ephemeral keypairs are typically used for temporary operations like
    /// secure communication sessions or one-time signatures. They are not
    /// derived from the wallet's seed but are generated randomly.
    ///
    /// # Returns
    /// * `Ok(PublicKey)` - The public key of the generated ephemeral keypair
    /// * `Err(SparkSdkError)` - If keypair generation fails
    ///
    /// # Security Considerations
    /// Ephemeral keys should be properly erased after use to prevent key
    /// material from being recovered.
    fn new_ephemeral_keypair(&self) -> Result<PublicKey, SparkSdkError>;

    /// Subtracts one secret key from another to derive a new key.
    ///
    /// This method performs the operation: `target_key - source_key = result_key`
    /// using only the public keys to identify the secret keys stored in the signer.
    /// This is useful for key tweaking operations in the Spark protocol.
    ///
    /// # Arguments
    /// * `target_pubkey` - Public key identifying the target secret key
    /// * `source_pubkey` - Public key identifying the source secret key to subtract
    /// * `save_new_key` - Whether to save the newly derived keypair in the signer
    ///
    /// # Returns
    /// * `Ok(PublicKey)` - The public key corresponding to the resulting secret key
    /// * `Err(SparkSdkError)` - If the operation fails
    ///
    /// # Security Considerations
    /// The implementation must ensure that both source and target secret keys
    /// are available in the signer's storage and are properly authorized for use.
    fn subtract_secret_keys_given_pubkeys(
        &self,
        target_pubkey: &PublicKey,
        source_pubkey: &PublicKey,
        save_new_key: bool,
    ) -> Result<PublicKey, SparkSdkError>;

    /// Exposes the secret key corresponding to a given public key.
    ///
    /// # Security Warning
    /// This is a **highly sensitive** operation from a security perspective because
    /// it reveals confidential key material. Improper handling of exposed secret keys
    /// can lead to fund loss. Use it **only** when absolutely necessary, and handle
    /// the returned secret key with extreme caution.
    ///
    /// # Arguments
    /// * `public_key` - The public key for which to retrieve the corresponding secret key
    /// * `delete_after_exposing` - Whether to delete the key from storage after retrieval
    ///
    /// # Returns
    /// * `Ok(SecretKey)` - The secret key corresponding to the provided public key
    /// * `Err(SparkSdkError)` - If the secret key cannot be found or another error occurs
    ///
    /// # Example
    /// ```
    /// # use bitcoin::secp256k1::PublicKey;
    /// # use spark_rust::error::SparkSdkError;
    /// # use spark_rust::signer::traits::secp256k1::SparkSignerSecp256k1;
    /// # fn example(signer: &impl SparkSignerSecp256k1, public_key: PublicKey) -> Result<(), SparkSdkError> {
    ///     // This should be used only in exceptional circumstances
    ///     let secret_key = signer.sensitive_expose_secret_key_from_pubkey(&public_key, false)?;
    ///     // Use secret_key immediately and then ensure it's securely erased
    /// #   Ok(())
    /// # }
    /// ```
    fn sensitive_expose_secret_key_from_pubkey(
        &self,
        public_key: &PublicKey,
        delete_after_exposing: bool,
    ) -> Result<SecretKey, SparkSdkError>;
}