Home
.png)
KeyChain is a standalone app for signing transactions and generating key pairs.
You can integrate KeyChain as a service through pipe or websocket methods.
For quick step-by-step guides, see Pipe integration guide and WebSocket integration guide that you can find in the corresponding API.
For simple installation tutorials for Windows, MacOs, and Linux, go to Installation guides.
Read full KeyChain Protocol with comprehensive descriptions of json requests broken down into simple commands and parameters.
The section KeyChain sample commands gives you a shortcut to interacting with KeyChain. There you can find only the examples of the commands with short descriptions.
You can find the detailed technical specification of the KeyChain system below if you refer to Three security layers of KeyChain section.
Choosing a means of storing keys is an important and responsible task that everybody needs to address when considering making transactions - irrespective of the type of blockchain they use. That is why here we show you the detailed structure of our KeyChain - so that your choice of key storage is an informed decision based on real knowledge of what stands behind the system.
KeyChain encrypts private keys using AES256 algorithm and stores the keys in an isolated environment that is protected with three security layers.
AES256 was first adopted by the U.S. government and now is used worldwide as a secure and reliable way of protecting information. It stands for Advanced Encryption Standard which handles 256-bit keys. This is a symmetric encryption algorithm that creates an output (ciphertext) from the input (plaintext) in 14 rounds which involve several steps of encryption. These steps combine the procedures of other symmetric encryption algorithms: substitution cipher with a reference table, adding round key, shifting rows, and mixing columns - all performed multiple times.
Apps or websites send requests to the KeyChain through two types of communication - standard I/O streams (mostly called pipes), and the WebSocket. The architecture of the KeyChain software consists of the three independent layers:
-
API layer which integrates with your app, website or any external application. It is language-neutral. The protocol for the terminal application operates with the JSON format in synchronous request/response way. The main function of the API layer is to transmit and parse commands for given API. Each request carries information about commands, the type of key user wants to use to sign transactions and other relevant parameters which you can find in the Protocol.
-
Security layer receives the commands from the API layer and acts as an OS-specific protection mechanism for the interface window (third layer). It serves as a shield from potential attacks at sensitive data and information. Security layer is tailored for the Mac OS, Linux, and Windows OS and operates only with permitted files (through admin access). The request, transmitted to the Signing module which holds the private keys, works simultaneously with the Secured input module that uses OS-specific mechanism. The Secured input module protects the passphrase from key grabbers and malware.
-
Representation layer is the UI window which notifies the user about the details of transactions and necessary actions. The interface window is initiated from Security layer. Once the user inputs the correct passphrase, it sends the permission to the Signing module to unlock the demanded key. Passphrase input field is protected by the secured input module. Security layer decrypts the given key with the correct passphrase entered by the user. In this instance Signing module can operate with the open private key, for example it can extract information, sign transactions, therefore responding to given requests.