stellar-sdk/com.soneso.stellar.sdk/KeyPair

KeyPair

class KeyPair

Holds a Stellar keypair consisting of a public key and optionally a private key (secret seed).

Cryptographic Implementation

This class uses production-ready, platform-specific cryptographic implementations:

JVM/Android

  • Library: BouncyCastle (org.bouncycastle:bcprov-jdk18on)

  • Algorithm: Ed25519 (RFC 8032 compliant)

  • Security: Mature, widely-audited implementation

  • Provider: Registered as JCA security provider

iOS/macOS

  • Library: libsodium (via C interop)

  • Algorithm: Ed25519 (crypto_sign_*)

  • Security: Audited, constant-time operations, memory-safe

  • Distribution: Requires libsodium via Swift Package Manager or static linking

JavaScript/Web

  • Library: libsodium-wrappers (WebAssembly)

  • Algorithm: Ed25519 (crypto_sign_*)

  • Security: Same audited libsodium implementation compiled to WebAssembly

  • Distribution: Bundled via npm/webpack

Security Considerations

  1. Memory Management:

    • Secret seeds are stored as ByteArray and should be zeroed after use

    • Use fromSecretSeed with CharArray when possible for better memory control

    • All returned arrays are defensive copies to prevent external modification

  2. Side-Channel Protection:

    • All implementations use constant-time operations for signing/verification

    • No timing-based attacks on key operations

  3. Validation:

    • All inputs are validated for correct length and format

    • Invalid keys/seeds throw IllegalArgumentException immediately

Thread Safety

KeyPair instances are immutable and thread-safe. The underlying cryptographic operations are also thread-safe.

See also

Types

Link copied to clipboard
object Companion

Functions

Link copied to clipboard
fun canSign(): Boolean

Returns true if this Keypair is capable of signing.

Link copied to clipboard
open operator override fun equals(other: Any?): Boolean
Link copied to clipboard
fun getAccountId(): String

Returns the human-readable account ID encoded in strkey (G...).

Link copied to clipboard
fun getPublicKey(): ByteArray

Returns the raw 32 byte public key.

Link copied to clipboard
fun getSecretSeed(): CharArray?

Returns the human-readable secret seed encoded in strkey (S...).

Link copied to clipboard
fun getXdrAccountId(): AccountIDXdr

Returns the XDR AccountID for this keypair.

Link copied to clipboard
open override fun hashCode(): Int
Link copied to clipboard
suspend fun sign(data: ByteArray): ByteArray

Sign the provided data with the keypair's private key.

Link copied to clipboard
suspend fun signDecorated(data: ByteArray): DecoratedSignature

Sign the provided data with the keypair's private key and return a decorated signature.

Link copied to clipboard
suspend fun signMessage(message: ByteArray): ByteArray

Signs an arbitrary binary message according to SEP-53.

suspend fun signMessage(message: String): ByteArray

Signs an arbitrary UTF-8 string message according to SEP-53.

Link copied to clipboard
suspend fun verify(data: ByteArray, signature: ByteArray): Boolean

Verify the provided data and signature match this keypair's public key.

Link copied to clipboard
suspend fun verifyMessage(message: ByteArray, signature: ByteArray): Boolean

Verifies a binary message and its signature according to SEP-53.

suspend fun verifyMessage(message: String, signature: ByteArray): Boolean

Verifies a UTF-8 string message and its signature according to SEP-53.

Generated by Dokka
© 2026 Copyright