Black-box Signatures

Black-box signing enables users to leverage Fordefi’s MPC technology to sign any arbitrary blob, subject to the client's transaction policy, in a distributed way, without exposing the private key.

Note

API users must strongly authenticate transaction requests that are created programmatically by signing them. Learn more.

What is Black-box Signing?

Black-box vaults allows signing any arbitrary payload using the MPC with the Fordefi platform on supported curves.

This feature is useful for customers who are dealing with unsupported blockchains that Fordefi doesn't natively handle or wish to integrate with their own nodes.

For black-box vaults Fordefi does not verify or enforce any specific amount or assets rules, and will sign any buffer given by the customer as long as it is approved.

Black-box vaults

When creating a new vault using the Fordefi API, there is an option to set the vault type as black_box as well as its key type. Currently, the supported key types are ecdsa_stark , ecdsa_secp256k1 and eddsa25519.

Response body:

  • public_key_compressed is the public key of the vault in the standard compressed format, according to the SEC1 standard. This format encodes the least bit of the y-coordinate in the first byte. (\\x02 for even y-coordinate, and \\x03 for odd). Following is the x-coordinate.

    Use this public key on the client side to calculate the address, based on your specific use case (meaning, chain).

  • For stark vaults, under the details section, there is a stark_key field, which is the corresponding public key of this vault.

Black-box signatures

Black-box signing is possible only using Fordefi’s REST API. While calling the Create Transaction endpoint, the client must:

  • Provide a vault_id (for the vault that was previously created as a black_box type).
  • Set the type field to black_box_signature.
  • Use the details field to provide either a binary hash or integer hash, as described in the following section and in the code sample.

See: