Search…
Overview
API Reference
Vault
Keys
Creating a Key
Deriving a Key
Listing Keys
Deleting a Key
Encryption and Decryption
Signing and Verification
HD Wallets
Secrets
Powered By GitBook
Keys

Supported Specs

This section describes the elliptic curves and key specifications which are currently supported by the API. Supported curves and key specs are defined with a type of either or symmetric or asymmetric. Certain symmetric keys support key derivation (i.e., such as the ChaCha20 stream cipher). Other key specs, such as RSA, are provided for convenience and to achieve table-stakes feature-parity with industry-standard key management solutions such as AWS Key Management Service, Azure Key Vault, Hashicorp Vault, etc.

Symmetric

Key Spec
Description
AES-256-GCM
default encryption for the master key of each Vault instance
ChaCha20
stream cipher useful with double-ratchet messaging algorithm
RSA
2048, 3072 and 4096-bit RSASSA-PSS and RSASSA-PKCS1-V1_5-SIGN for sign/verify operations; RSAES_OAEP_SHA_256 for encrypt/decrypt operations

Asymmetric

Key Spec
Description
babyJubJub
a twisted Edwards elliptic curve designed for zk-SNARK circuits
BIP39
BIP39 hierarchical deterministic (HD) wallet for deriving secp256k1 keys
C25519
elliptic curve designed for Diffie-Hellman (ECDH) key exchange
Ed25519
EdDSA signature scheme using SHA-512 (SHA-2)
RSA
2048, 3072 and 4096-bit PSS and PKCS for sign/verify operations OAEPSHA256 for encrypt/decrypt operations
secp256k1
elliptic curve used with ECDSA (i.e., ETH, BTC)
Previous
Sealing/Unsealing
Next
Creating a Key
Last modified 6mo ago
Copy link
Contents
Supported Specs
Symmetric
Asymmetric