Creates an instance of the class with a specified private key, optional expiry date, and optional blinder. This constructor initializes the public key, sets the expiry date to a default value if not provided, generates a blinder if not supplied, and calculates the nonce based on the public key, expiry date, and blinder.
The parameters for constructing the instance.
Optional blinder?: HexInput - Optional blinder value. If not provided, a new blinder will be generated.
Optional expiryDateSecs?: number - Optional expiry date in seconds from the current time. Defaults to two weeks from now.
The private key used for creating the instance.
Readonly blinder - A byte array of length BLINDER_LENGTH used to obfuscate the public key from the IdP. Used in calculating the nonce passed to the IdP and as a secret witness in proof generation.
Readonly expiry - A timestamp in seconds indicating when the ephemeral key pair is expired. After expiry, a new EphemeralKeyPair must be generated and a new JWT needs to be created.
Readonly nonce - The value passed to the IdP when the user authenticates. It consists of a hash of the ephemeral public key, expiry date, and blinder.
SECURITY: This value is NOT secret. It is sent to the IdP in the OIDC
redirect URL, embedded in the returned JWT, and packed into the proof
inputs sent to the prover service. The clear() lifecycle hook does
NOT zero this field — it is an immutable JS string and JavaScript
provides no API to overwrite string memory. A memory-read attacker who
dumps the process after clear() could correlate the surviving nonce
against IdP logs or on-chain activity. This is acceptable given that
the nonce was always public to begin with; it just means the privacy
benefit of clear() does not extend to unlinking the (already public)
nonce from any later forensic snapshot.
Overwrites the ephemeral private key and blinder byte buffers with random bytes and then zeros. After calling this method the key pair can no longer sign transactions.
SECURITY: This is a best-effort window-narrowing tool, NOT a true
zeroization guarantee. See Ed25519PrivateKey.clear() for the full
enumeration of JavaScript-level limits (immutable string copies, noble
BigInt intermediates, JIT register/stack residue, GC-relocated
copies).
SPECIFIC TO EphemeralKeyPair: the nonce field is NOT cleared by
this method. It is the OIDC nonce — already public (it appears in the
IdP redirect URL, the returned JWT, and the proof inputs) — and is
stored as an immutable JS string that the language provides no API to
overwrite. See the nonce field JSDoc for the narrow
forensic-correlation consequence.
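Added example, not SDK code: a hypothetical stand-in class, EphemeralKeySketch, that follows the clear() lifecycle described above and shows which values are wiped and which survive. SHA-256 and HMAC-SHA256 stand in for the SDK's nonce hash and signature; BLINDER_LENGTH = 31 and all sample bytes are assumptions constructed for the sketch.

```typescript
import { createHash, createHmac, randomFillSync } from "node:crypto";
const BLINDER_LENGTH = 31; // assumed length for this sketch
const toHex = (b: Uint8Array): string => Buffer.from(b).toString("hex");

// Hypothetical stand-in for the documented class, not the SDK implementation.
class EphemeralKeySketch {
  readonly nonce: string; // public, immutable string: clear() cannot wipe it
  private secretKey: Uint8Array; // the caller's buffer is kept, not copied
  private blinder: Uint8Array;
  private expiryDateSecs: number;
  private cleared = false;
  constructor(secretKey: Uint8Array, publicKey: Uint8Array, expiryDateSecs: number) {
    this.secretKey = secretKey;
    this.blinder = randomFillSync(new Uint8Array(BLINDER_LENGTH));
    this.expiryDateSecs = expiryDateSecs;
    // SHA-256 stands in for the SDK's hash of (public key, expiry date, blinder).
    this.nonce = createHash("sha256").update(publicKey)
      .update(String(expiryDateSecs)).update(this.blinder).digest("hex");
  }
  isExpired(): boolean { return Date.now() / 1000 > this.expiryDateSecs; }
  isCleared(): boolean { return this.cleared; }
  clear(): void { // random bytes first, then zeros, as described for clear()
    for (const buf of [this.secretKey, this.blinder]) randomFillSync(buf).fill(0);
    this.cleared = true;
  }
  sign(data: Uint8Array): string { // HMAC-SHA256 stands in for the real signature
    if (this.cleared) throw new Error("key pair has been cleared");
    if (this.isExpired()) throw new Error("key pair has expired");
    return createHmac("sha256", this.secretKey).update(data).digest("hex");
  }
}

function demoClearLimits() {
  const secret = randomFillSync(new Uint8Array(32)); // constructed sample key bytes
  const publicKey = new Uint8Array(32).fill(7); // constructed placeholder bytes
  const kp = new EphemeralKeySketch(secret, publicKey, 4102444800); // expiry: 2100-01-01
  const hexCopy = toHex(secret); // string copy made before clear(), e.g. for storage
  const signedBefore = kp.sign(new Uint8Array([1])).length === 64;
  kp.clear();
  let signRefused = false;
  try { kp.sign(new Uint8Array([1])); } catch { signRefused = true; }
  return {
    signedBefore, signRefused, cleared: kp.isCleared(),
    bufferZeroed: secret.every((b) => b === 0), // byte buffer wiped in place
    nonceSurvives: /^[0-9a-f]{64}$/.test(kp.nonce), // still readable after clear()
    hexCopySurvives: /[1-9a-f]/.test(hexCopy), // earlier string copy is untouched
  };
}
console.log(demoClearLimits());
```

Any hex or string form of the key made before clear() falls outside what the buffer overwrite can reach, which is why the sketch keeps the secret only as a byte buffer.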
Returns whether the ephemeral key pair has been cleared from memory.
true if the key pair has been cleared, false otherwise
Checks if the current time has surpassed the expiry date of the key pair.
boolean - Returns true if the key pair is expired, otherwise false.
Serializes the object's properties into a format suitable for transmission or storage. This function is essential for preparing the object data for serialization processes.
The serializer instance used to serialize the object's properties.
Sign the given data using the private key, returning an ephemeral signature. This function is essential for creating a secure signature that can be used for authentication or verification purposes.
The data to be signed, provided in HexInput format.
EphemeralSignature - The resulting ephemeral signature.
Static deserialize - Deserializes an ephemeral key pair from the provided deserializer. This function helps in reconstructing an ephemeral key pair, which is essential for cryptographic operations.
The deserializer instance used to read the serialized data.
Static from - Deserialize a byte array into an EphemeralKeyPair object. This function allows you to reconstruct an EphemeralKeyPair from its serialized byte representation.
The byte array representing the serialized EphemeralKeyPair.
Static generate - Generates a new ephemeral key pair with an optional expiry date. This function allows you to create a temporary key pair for secure operations.
An instance of EphemeralKeyPair containing the generated private key and expiry date.
Serializes a Serializable value to its BCS representation.
This function is the TypeScript SDK equivalent of bcs::to_bytes in Move.
the BCS representation of the Serializable instance as a byte buffer.
Converts the BCS-serialized bytes of a value into a Hex instance. This function provides a Hex representation of the BCS-serialized data for easier handling and manipulation.
A Hex instance with the BCS-serialized bytes loaded into its underlying Uint8Array.
Returns the hex string representation of the Serializable value with the 0x prefix.
the hex format as a string prefixed by 0x.
Returns the hex string representation of the Serializable value without the 0x prefix.
the hex format as a string without 0x prefix.
Represents an ephemeral key pair used for signing transactions via the Keyless authentication scheme. This key pair is temporary and includes an expiration time. For more details on how this class is used, refer to the documentation: https://aptos.dev/guides/keyless-accounts/#1-present-the-user-with-a-sign-in-with-idp-button-on-the-ui