Skip to content

feat(keys)!: add derivation for message-signing and fallback keys#24348

Draft
nchamo wants to merge 3 commits into
merge-train/fairies-v5from
nchamo/derive-signing-fallback-keys
Draft

feat(keys)!: add derivation for message-signing and fallback keys#24348
nchamo wants to merge 3 commits into
merge-train/fairies-v5from
nchamo/derive-signing-fallback-keys

Conversation

@nchamo

@nchamo nchamo commented Jun 27, 2026

Copy link
Copy Markdown
Contributor

Why we are doing this

#23510 added the message-signing (mspk) and fallback (fbpk) keys to the protocol PublicKeys, but baked them into the address commitment as fixed default values with no derivation path. This gives both keys real per-account derivations.

The message-signing key is the prerequisite for interactive handshakes: a recipient's consent signature is verified against mspk.

Our fix

  • deriveKeys derives mssk/fbsk and populates the mspk/fbpk hashes from them, instead of the shared default constants.
  • The key store persists and exposes both keypairs; the now-repetitive getters are collapsed behind a single helper.

Because the mspk/fbpk hashes feed PublicKeys::hash(), every account address derived from a secret changes — hence the breaking flag. Standard and protocol contracts derive from PublicKeys::default() (unchanged), so their addresses are unaffected.

@nchamo nchamo added ci-no-fail-fast Sets NO_FAIL_FAST in the CI so the run is not aborted on the first failure ci-draft Run CI on draft PRs. labels Jun 27, 2026
@nchamo nchamo self-assigned this Jun 27, 2026
@nchamo nchamo added ci-full Run all master checks. and removed ci-full Run all master checks. labels Jun 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

ci-draft Run CI on draft PRs. ci-no-fail-fast Sets NO_FAIL_FAST in the CI so the run is not aborted on the first failure

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant