Ed25519SecureKeyHandler

class cometa.key_handler.secure_key_handler.Ed25519SecureKeyHandler[source]

Bases: ABC

Defines the contract for a secure key handler that manages a single, non-derivable Ed25519 private key.

Implementations of this interface are responsible for keeping the private key secure. The key should only be decrypted for the brief duration of a cryptographic operation in the case of in-memory implementations, after which it must be securely wiped from memory to minimize exposure.

abstract sign_transaction(transaction)[source]

Signs a transaction using the securely stored Ed25519 private key.

Parameters:: transaction (str) – The CBOR-encoded transaction hex string to be signed.
Returns:: A VkeyWitnessSet containing the signature.
Return type:: VkeyWitnessSet

abstract sign_data(data)[source]

Signs arbitrary data using the securely stored Ed25519 private key.

Parameters:: data (str) – The hex-encoded data to be signed.
Returns:: A dict with ‘signature’ and ‘key’ (public key) as hex strings.
Return type:: dict[str, str]

abstract get_private_key()[source]

Retrieves the securely stored private key.

Returns:: The Ed25519PrivateKey.
Return type:: Ed25519PrivateKey

Warning

This operation exposes the private key in memory and should be used with extreme caution. The caller is responsible for securely handling and wiping the key from memory after use.

abstract get_public_key()[source]

Retrieves the public key corresponding to the securely stored private key.

Returns:: The corresponding Ed25519PublicKey.
Return type:: Ed25519PublicKey

abstract serialize()[source]

Serializes the encrypted key data for secure storage. This allows the handler’s state to be saved and later restored.

Returns:: The encrypted and serialized key data.
Return type:: bytes