Module diem_config::keys


This file implements a KeyPair data structure.

The point of a KeyPair is to deserialize a private key into a structure that will only allow the private key to be moved out once (hence providing good key hygiene) while allowing access to the public key part forever.

The public key part is dynamically derived during deserialization and is ignored during serialization.
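The take-once behaviour described above, sketched as an added example that is not diem_config's own code: `TakeOnceKeyPair`, `ToyPrivateKey`, `ToyPublicKey` and `derive_public` are hypothetical names, and the derivation is a stand-in with no cryptographic value so that the block runs with the standard library only.

```rust
// Added illustration, not diem_config's implementation. All type and function
// names here are hypothetical; derive_public is a stand-in, not real crypto.

/// Deliberately neither Clone, Copy nor Debug: it can only be moved.
pub struct ToyPrivateKey([u8; 4]);

#[derive(Debug, Clone, PartialEq)]
pub struct ToyPublicKey([u8; 4]);

fn derive_public(sk: &ToyPrivateKey) -> ToyPublicKey {
    let mut out = sk.0;
    for b in out.iter_mut() {
        *b = b.rotate_left(3) ^ 0xA5; // placeholder for real key derivation
    }
    ToyPublicKey(out)
}

pub struct TakeOnceKeyPair {
    private: Option<ToyPrivateKey>,
    public: ToyPublicKey,
}

impl TakeOnceKeyPair {
    /// "Deserialize": only private key bytes are read; the public key is derived.
    pub fn from_private_bytes(bytes: [u8; 4]) -> Self {
        let sk = ToyPrivateKey(bytes);
        let public = derive_public(&sk);
        Self { private: Some(sk), public }
    }

    /// Moves the private key out; every later call returns None.
    pub fn take_private(&mut self) -> Option<ToyPrivateKey> {
        self.private.take()
    }

    /// The public key stays readable after the private key is gone.
    pub fn public_key(&self) -> &ToyPublicKey {
        &self.public
    }

    /// "Serialize": the public key is never written. Returning None once the
    /// private key has been taken is this sketch's own choice.
    pub fn to_private_bytes(&self) -> Option<[u8; 4]> {
        self.private.as_ref().map(|k| k.0)
    }
}

fn main() {
    let mut kp = TakeOnceKeyPair::from_private_bytes([1, 2, 3, 4]); // constructed sample
    let _signer_key = kp.take_private().expect("first take succeeds");
    assert!(kp.take_private().is_none());
    println!("public key still available: {:?}", kp.public_key());
}
```
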

Structs

  • ConfigKey places a clonable wrapper around PrivateKeys for config purposes only. Configs hold keys only for testing or for low security requirements; Diem recommends that keys be stored in key managers. If keys were made unclonable, the configs would have to be mutable, and that requirement would exist strictly as a result of supporting test environments, which is undesirable. Hence this internal wrapper allows keys to be cloned, but only from configs.