Signing
api.sign drives the two-party MPC ceremony and returns raw signature bytes.
sign runs the centralized signature math locally, posts the user-side
message, polls until the on-chain sign session completes, and returns
the raw signature bytes.
import { Curve, Hash, SignatureAlgorithm } from "@mpckit/sdk";
const sig = await api.sign({
seed,
dwalletId,
curve: Curve.SECP256K1,
signatureAlgorithm: SignatureAlgorithm.ECDSASecp256k1,
hashScheme: Hash.SHA256,
message: new TextEncoder().encode("hello"),
userSecretKeyShareHex,
// optional
idempotencyKey: "ord_12345",
timeoutMs: 180_000,
});
console.log(sig.signature); // Uint8Array
console.log(sig.signRequestId); // backend record id
console.log(sig.signSessionId); // ika protocol session id
console.log(sig.txDigest); // sui tx digest, or null if not finalized yetSignArgs
Prop
Type
SignResult
Prop
Type
What the bytes look like
sig.signature is a raw Uint8Array in the standard encoding for the
algorithm you chose: ECDSA returns r ‖ s (with a recovery byte for
secp256k1), BIP-340 Taproot returns 64 bytes, Ed25519 EdDSA returns
64 bytes, Schnorrkel returns 64 bytes. Encoding to a chain-native
format (RLP for EVM, base58 for Solana, Taproot witness for Bitcoin)
is your responsibility.
Idempotency
Pass an idempotencyKey to make retries safe. The backend
de-duplicates sign calls keyed on it, so a retried call returns the
original signature instead of triggering a second sign session. The
SDK auto-generates one if you don't pass it.
import { newIdempotencyKey } from "@mpckit/sdk";
const key = newIdempotencyKey(); // UUID-v7
await api.sign({ /* ... */, idempotencyKey: key });
// safe to retry on network failure with the same key