Skip to content

digitalbazaar/mldsa-multikey

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.github/workflows
.github/workflows
 
 
util
util
 
 
.eslintrc.cjs
.eslintrc.cjs
 
 
.gitignore
.gitignore
 
 
.npmrc
.npmrc
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
karma.conf.cjs
karma.conf.cjs
 
 
package.json
package.json
 
 

Repository files navigation

ML-DSA Multikey Library (@digitalbazaar/mldsa-multikey)

Node.js CI NPM Version

Javascript library for generating and working with MldsaMultikey key pairs.

Table of Contents

Background

For use with:

See also (related specs):

Security

As with most security- and cryptography-related tools, the overall security of your system will largely depend on your design decisions.

Install

  • Node.js 22+ is required.

To install locally (for development):

git clone https://github.com/digitalbazaar/mldsa-multikey.git
cd mldsa-multikey
npm install

Usage

Generating a new public/secret key pair

To generate a new public/secret key pair:

  • {number} [nistSecurityLevel] [Required] Desired NIST security level used to generate the key: [2].
  • {string} [id] [Optional] ID for the generated key.
  • {string} [controller] [Optional] Controller URI or DID to initialize the generated key. (This will be used to generate id if it is not explicitly defined.)
import * as MldsaMultikey from '@digitalbazaar/mldsa-multikey';

const keyPair = await MldsaMultikey.generate({nistSecurityLevel: 2});

Importing a key pair from storage

To create an instance of a public/secret key pair from data imported from storage, use .from():

const serializedKeyPair = { ... };

const keyPair = await MldsaMultikey.from(serializedKeyPair);

Exporting the public key only

To export just the public key of a pair:

await keyPair.export({publicKey: true});
// ->
{
  type: 'Multikey',
  id: 'did:example:1234#TBD',
  controller: 'did:example:1234',
  publicKeyMultibase: 'TBD'
}

Exporting the full public-secret key pair

To export the full key pair, including secret key (warning: this should be a carefully considered operation, best left to dedicated Key Management Systems):

await keyPair.export({publicKey: true, secretKey: true});
// ->
{
  type: 'Multikey',
  id: 'did:example:1234#TBD',
  controller: 'did:example:1234',
  publicKeyMultibase: 'TBD',
  secretKeyMultibase: 'TBD'
}

Creating a signer function

In order to perform a cryptographic signature, you need to create a sign function, and then invoke it.

const keyPair = MldsaMultikey.generate({nistSecurityLevel: 2});

const {sign} = keyPair.signer();

// data is a Uint8Array of bytes
const data = (new TextEncoder()).encode('test data goes here');
// Signing also outputs a Uint8Array, which you can serialize to text etc.
const signature = await sign({data});

Creating a verifier function

In order to verify a cryptographic signature, you need to create a verify function, and then invoke it (passing it the data to verify, and the signature).

const keyPair = MldsaMultikey.generate({nistSecurityLevel: 2});

const {verify} = keyPair.verifier();

const valid = await verify({data, signature});
// true

Contribute

See the contribute file!

PRs accepted.

If editing the Readme, please conform to the standard-readme specification.

Commercial Support

Commercial support for this library is available upon request from Digital Bazaar: support@digitalbazaar.com

License

New BSD License (3-clause) © 2026 Digital Bazaar

About

Javascript library for generating and working with MldsaMultikey key pairs.

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages