OZExternalEd25519SignerAdapter

public protocol OZExternalEd25519SignerAdapter : Sendable

Adapter protocol for external Ed25519 signing sources.

Conform to this protocol to plug in a hardware wallet, remote signing service, or any other out-of-process Ed25519 signing backend into the multi-signer pipeline. The manager consults the adapter before falling back to its in-memory keypair registry (adapter-first precedence rule).

Example:

final class MyHardwareWalletAdapter: OZExternalEd25519SignerAdapter {
    func canSignFor(verifierAddress: String, publicKey: Data) -> Bool {
        hardwareWallet.hasSigner(for: publicKey)
    }

    func signAuthDigest(authDigest: Data, publicKey: Data) async throws -> Data {
        try await hardwareWallet.sign(digest: authDigest, publicKey: publicKey)
    }
}

Show on GitHub


                    
                    
                    canSignFor(verifierAddress:publicKey:)

Returns whether this adapter can produce an Ed25519 signature for the given verifier-contract address and public key pair.

Called before the in-memory keypair registry is consulted. When this method returns true, the adapter must be able to fulfil a subsequent signAuthDigest(authDigest:publicKey:) call for the same key without error.

Declaration

Swift

func canSignFor(verifierAddress: String, publicKey: Data) -> Bool

Parameters

`verifierAddress`	Contract address (`C…` strkey) of the Ed25519 verifier contract identifying the on-chain signer slot.
`publicKey`	32-byte Ed25519 public key identifying the signer slot.

Return Value

true when the adapter can sign for this (verifierAddress, publicKey) pair.

Show on GitHub


                    
                    
                    signAuthDigest(authDigest:publicKey:)

Asynchronous

Produces a 64-byte Ed25519 signature over the supplied auth digest.

Called by the multi-signer pipeline when canSignFor(verifierAddress:publicKey:) returned true for the same publicKey. The pipeline locally verifies the returned signature before incorporating it into the authorization payload.

Throws

Any error that prevents signing (hardware unavailable, user cancelled, etc.).

Declaration

Swift

func signAuthDigest(authDigest: Data, publicKey: Data) async throws -> Data

Parameters

`authDigest`	32-byte digest to sign. Computed as `SHA-256(signaturePayload \|\| contextRuleIds.toXDR())`.
`publicKey`	32-byte Ed25519 public key that identifies which key to sign with.

Return Value

64-byte raw Ed25519 signature over authDigest.

Show on GitHub