ReconcileStoreDao

Data Access Object for storing and retrieving keyshare reconciliation state.

This DAO manages the two-phase lifecycle of keyshares during MPC operations:

Keyshare States

currentKeyshare

• Purpose: Active keyshare ready for signing operations

• Status: Fully reconciled and verified

• Usage: Use this for all signing, derivation, and export operations

• Safety: Can be used immediately after reconciliation completes

stagedKeyshare

• Purpose: Keyshare awaiting final reconciliation step

• Status: MPC computation complete, but reconciliation pending

• Usage: Automatically becomes currentKeyshare after reconciliation

• Recovery: If reconciliation fails, this can be reconciled later

State Transitions

Operation Start → MPC Computation → stagedKeyshare → Reconciliation → currentKeyshare
                                                           ↓
                                                   Network Failure/Interruption
                                                           ↓
                                                   stagedKeyshare (needs retry)

When States Are Used

• keygen(): Creates stagedKeyshare, then reconciles to currentKeyshare

• keyRefresh(): Creates stagedKeyshare, then reconciles to currentKeyshare

• import(): Creates stagedKeyshare, then reconciles to currentKeyshare

• reconcileKeyshare(): Converts existing stagedKeyshare to currentKeyshare

Implementation Notes

• Both fields can be null (no keyshare stored)

• Only one state should be non-null at a time (except during transitions)

• Keyshares are sensitive cryptographic material - encrypt at rest

• The keyId uniquely identifies this keyshare across all operations

Parameters