TrioSession
A three-party threshold-signature session.
A TrioSession splits a private key across three parties in a 2-of-3 scheme: any two cooperate to sign, and no single party ever holds the whole key. On top of the operations a two-party session offers, it adds three-party capabilities — preSign/preSignFinal for low-latency signing, recover to rebuild a lost share from the other two parties, and hardDerivation for independent child keyshares. It supports ECDSA (secp256k1) and EdDSA (Ed25519); the pre-signature operations and hardDerivation are ECDSA-only.
The keyId model
Session operations are addressed by an opaque keyId string, not by keyshare bytes. The SDK reads and writes the actual share through the StorageClient you supply at construction, so your code never holds raw keyshare material. keygen, import, recover, and hardDerivation return a keyId; the remaining operations take one.
The stateless helpers on the SilentShard facade take keyshare bytes you read from your own StorageClient by keyId (see com.silencelaboratories.silentshard.trio.SilentShard.getKeysharePublicKey).
Usage
val session = SilentShard.ECDSA.trioInitiator(
messageSigner = myMessageSigner, // your hardware-backed identity key
cloudVerifyingKey = peerVerifyingKeyHex,
websocketConfig = WebsocketConfig(url = "wss://your-server.example.com"),
storageClient = myStorageClient, // the SDK persists keyshares here
)
val keyId = session.keygen().getOrThrow()
val signature = session.sign(keyId, message = messageHashHex).getOrThrow()All operations are suspend functions and perform network I/O; call them off the main thread.
See also
for construction and stateless helpers.
for keyshare persistence.
for the staged/current keyshare lifecycle.