Skip to content
You are reading Quorum Key Manager development version documentation and some displayed features may not be available in the stable release. You can switch to stable version using the version box at screen bottom.

Sign a transaction with EDDSA and Baby Jubjub

This tutorial walks you through signing an Ethereum transaction with Quorum Key Manager (QKM) using the EDDSA signing algorithm and Baby Jubjub elliptic curve (also referred to as the BN254 twisted Edwards curve).



  1. In the QKM manifest file, specify an Ethereum store to allocate your Ethereum wallets, and the RPC node to proxy your calls using QKM.

    Example manifest file

    - kind: HashicorpKeys
      name: hashicorp-keys
        mountPoint: '{ENGINE_MOUNT_POINT}'
        address: '{HASHICORP_VAULT_URL}'
        tokenPath: '{VAULT_TOKEN_PATH}'
        namespace: '{KEYS_NAMESPACE}'
    - kind: Node
      name: besu-node
          addr: http://besu-node:8545
  2. Start QKM with the manifest file by using the --manifest-path option:

    key-manager run --manifest-path=<PATH-TO-MANIFEST-FILE>
  3. Create an Ethereum account using EDDSA and Baby Jubjub:

    curl --request POST 'http://localhost:8080/stores/hashicorp-keys/keys/bn254-key' --header 'Content-Type: application/json' --data-raw '{"curve": "babyjubjub", "signingAlgorithm": "eddsa"}'
        "id": "bn254-key",
        "publicKey": "Cjix/fS3WdqKGKabagBNYwcClan5aImoFpnjSF0cqJs=",
        "curve": "babyjubjub",
        "signingAlgorithm": "eddsa",
        "disabled": false,
        "createdAt": "2021-09-09T11:18:51.5877561Z",
        "updatedAt": "2021-09-09T11:18:51.5877561Z"
  4. Sign a payload using the created key pair:

    echo -n "my signed message" | base64
    curl --request POST 'http://localhost:8080/stores/hashicorp-keys/keys/bn254-key/sign' --header 'Content-Type: application/json' --data-raw '{"data": "bXkgc2lnbmVkIG1lc3NhZ2U="}'
  5. Verify your message:

    curl --request POST 'http://localhost:8080/stores/hashicorp-keys/keys/verify-signature' --header 'Content-Type: application/json' --data-raw '{"curve": "babyjubjub", "signingAlgorithm": "eddsa", "data": "bXkgc2lnbmVkIG1lc3NhZ2U=", "publicKey": "yhUiySkg/cKbiN8soKZ5YO0GXHqzx8iycnABzYMPE5A=", "signature": "tjThYhKSFSKKvsR8Pji6EJ+FYAcf8TNUdAQnM7MSwZEEaPvFhpr1SuGpX5uOcYUrb3pBA8cLk8xcbKtvZ56qWA=="}'
Questions or feedback? You can discuss issues and obtain free support on Quorum Key Manager Discord channel.