Cryptographic Keys form the foundation for verifiable claims within Qri. Qri supports multiple key types, and defines a key data structure that encapsulates key data and key type identifiers.

Keys follow the definition of an asymetric keypair from libp2p.

syntax = "proto2";

package crypto.pb;

// KeyType enumeration order is defined by libp2p
// expression as strings is 
enum KeyType {
	RSA       = 0; // as a string: ”RS256”
	Ed25519   = 1; // as a string: ""
	Secp256k1 = 2; // as a string: ""
	ECDSA     = 3; // as a string: ”EdDSA”
}

message PublicKey {
	required KeyType Type = 1;
	required bytes   Data = 2;
}

message PrivateKey {
	required KeyType Type = 1;
	required bytes   Data = 2;
}

Key Types

Key Types within Qri seek a "spec union" between libp2p, multicodec prefixes, W3C decentralized Identifiers, and fission UCAN tokens.

While all of these key types SHOULD be supported, Ed25519 Keys MUST be supported, and are the preferred key type. RSA keys are considered a legacy format. Implementations should NOT create new keys with the RSA where possible.