feat: add X25519 multikey key-agreement keypairs#36
Conversation
Adds multikey/x25519: an X25519 keypair type for ECDH key agreement (e.g. ECDH-ES+A256KW key wrapping). Unlike the ed25519/secp256k1 signing keys, X25519 keys cannot sign or verify, so this is an independent keypair type rather than a multikey.Signer/Verifier. It still follows the same multiformats and did:key conventions: * tagged private (x25519-priv, 0x1302) / public (x25519-pub, 0xec) bytes * Raw/Bytes/Parse/Decode round-trips, plus did:key (z6LS...) encoding and ParsePublicKeyDID for recovering a public key from its DID * ECDH shared-secret derivation against a peer public key Groundwork for the Hilt per-tenant wrap-key registry (FIL-475). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01W7WcBfhKfPFyj2Gp4H6s7R
There was a problem hiding this comment.
Pull request overview
Adds a new multikey/x25519 package that implements X25519 key-agreement keypairs (ECDH) using the same multiformats + did:key encoding conventions used elsewhere in the multikey family, along with tests validating round-trips and shared-secret derivation.
Changes:
- Introduces
KeyPairandPublicKeytypes for X25519, including multicodec tagging, multibase encoding/decoding, anddid:keyround-tripping. - Adds
ECDHshared-secret derivation between a private keypair and a peer public key. - Adds tests covering generation, private/public encode/decode/parse, DID round-trips, wrong-key-type rejection, and ECDH agreement.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| multikey/x25519/x25519.go | Implements X25519 keypair/public-key types with multiformats tagging, multibase encoding, did:key support, and ECDH. |
| multikey/x25519/x25519_test.go | Exercises key generation, round-trips (raw/tagged/multibase/DID), rejection cases, and shared-secret agreement. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Guard KeyPair.ECDH against a nil *PublicKey (or one with a nil underlying key) rather than dereferencing it and panicking, since peer keys may come from external input. Addresses PR review feedback. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01W7WcBfhKfPFyj2Gp4H6s7R
Extend the ECDH nil-guard to the receiver: a nil *KeyPair or a zero-value keypair (nil underlying private key) now returns an error instead of panicking, matching the guard already applied to the peer key. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01W7WcBfhKfPFyj2Gp4H6s7R
|
Closing — X25519 doesn't belong in ucantone after all. X25519 is a key-agreement key, not a signing key: it's no So the helper has moved to a hilt-local package, Superseded by fil-forge/hilt#14. Generated by Claude Code |
Adds
multikey/x25519: an X25519 keypair type for ECDH key agreement (e.g. ECDH-ES+A256KW key wrapping in the FilOne encryption design).Unlike the
ed25519/secp256k1signing keys, X25519 keys cannot sign or verify, so this is an independent keypair type rather than amultikey.Signer/multikey.Verifier. It still follows the same multiformats and did:key conventions:x25519-priv,0x1302) / public (x25519-pub,0xec) bytes, via the sharedinternal/multiformathelpersRaw/Bytes/Parse/Decoderound-trips, plus did:key (z6LS…) encoding andParsePublicKeyDIDfor recovering a public key from its DIDECDHshared-secret derivation against a peer public keyTests cover key generation, the private/public round-trips, wrong-key-type rejection, the
did:keyprefix/round-trip, and that two parties (and a key recovered from its DID) derive the same ECDH secret.This is groundwork for the Hilt per-tenant wrap-key registry — FIL-475.
🤖 Generated with Claude Code
Generated by Claude Code