export

suspend fun export(keyId: String, otherEncryptedKeyshare: ByteArray, hostEncryptionKey: ByteArray, otherDecryptionKey: ByteArray): Result<ByteArray>

Reconstructs the full private key by combining this party's share with the peer's — the way to move a key out of MPC, or to back it up.

This is a local cryptographic combine (no network): the peer's share arrives encrypted and the supplied key material decrypts it. The result is the raw private key — treat it with the same care as any private key and encrypt it at rest. Bring it back under MPC later with import.

val (hostEncryptionKey, hostPublicKey) =
SilentShard.ECDSA.generateEncryptionDecryptionKeyPair()
// Give hostPublicKey to the peer; obtain its encrypted share and decryption key in return.
val privateKey = session.export(
keyId = keyId,
otherEncryptedKeyshare = peerEncryptedKeyshare,
hostEncryptionKey = hostEncryptionKey,
otherDecryptionKey = peerDecryptionKey,
).getOrThrow()

Return

the reconstructed raw private-key bytes.

Parameters

keyId

the hex-encoded keyId to export; the SDK reads this party's share from its StorageClient.

otherEncryptedKeyshare

the peer's encrypted share, obtained out of band.

hostEncryptionKey

this party's encryption key for the export.

otherDecryptionKey

the peer's decryption (public) key.

See also