Keys and Signatures

Signatures are a critical component to every Hedera API transaction. Hedera currently supports ED25519 and Contract keys.

Hedera supports more advanced signature types out-of-the-box. These provide great flexibility for managing account transactions without involving added overhead of a smart contract.

There are three different key type options:

  • Key list: a list of signatures required to authorize a transaction (multi-signature).

  • Threshold: a list with a set minimum number of signatures required (m of n signatures). Threshold signatures enable partial approval of transactions.

  • Nested: a complex hierarchy of signatures required, up to 4kb. This can include key lists or thresholds within a nest for modeling more advanced scenarios.

All transaction types support the above key structures. For a transaction to go through, signatures must match their set requirements.

Public/private key pairs are used to identify the user and sign transactions that are submitted to the network for consensus. The public key can be shared and is visible to other users in the network. The private key is kept secret to the owner and grants access for the owner to transfer available funds in their account. Private keys cannot be recovered once they are lost. Public and private keys are generated by an algorithm and are unique to one another.

The Hedera platform supports the following public key signature systems:

  • Ed25519 (currently supported)

  • RSA-3072

  • ECDSA (p384)

  • Smart contract ID (virtual keys)