Derive Key
Dfns decentralized key management network supports threshold Diffie-Hellman protocol based on GLOW20 paper. You can use the DH protocol to derive output from a domain separation tag and a seed value. The derivation process is deterministic, i.e. the same Diffie-Hellman key and seed will lead to the same derived output. To ensure reproducibility, we use hash to curve RFC9380 and standard ciphersuite secp256k1_XMD:SHA-256_SSWU_RO_.
This endpoint only supports Diffie-Hellman keys. Regular threshold signature keys, like ECDSA or EdDSA, will not work. You can create a Diffie-Hellman key with the Create Key endpoint using scheme=DH and curve=secp256k1.
Authentication
✅ Organization User (CustomerEmployee)✅ Delegated User (
EndUser)✅ Service Account
Required Permissions
Keys:Derive: Always required.Authorizations
Bearer Token: Used to authenticate API requests. More details how to generate the token: Authentication flows
User Action Signature: Used to sign the change-inducing API requests. More details how to generate the token: User Action Signing flows
Path Parameters
1Response
Success