Skip to content

feat: Allow PublicKey for TokenCreateTransaction keys #754

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: Allow PublicKey for TokenCreateTransaction keys #754

wants to merge 1 commit into from
+339 −40

Conversation

@Adityarya11
Copy link
Contributor

@Adityarya11 Adityarya11 commented Nov 8, 2025

Description

This PR enhances TokenCreateTransaction to accept both PublicKey and PrivateKey objects for all token key fields (admin, supply, freeze, wipe, etc.), enabling non-custodial transaction construction.

With this change, an application (e.g., an automated agent) can build a transaction using only a user’s PublicKey, serialize it to bytes, and then return it for the user to sign locally with their PrivateKey — preserving ownership and key isolation.

This implementation follows the pattern used in the TypeScript SDK and aligns with TopicCreateTransaction.py behavior, as previously suggested by the maintainer.

Key Changes

  • Introduced Key = Union[PrivateKey, PublicKey] type alias for flexibility and backward compatibility.

  • Updated the TokenKeys dataclass and all set_*_key() methods to accept the new Key type.

  • Re-implemented _to_proto_key() to:

    • Serialize only public key bytes;
    • Automatically derive the public key from a PrivateKey via .public_key();
    • Raise TypeError for unsupported key types.

  • Added comprehensive unit and integration tests to ensure safety and parity:

    • Validates both ED25519 and ECDSA key types.
    • Ensures only public-key data is serialized in the proto.
    • Verifies private-key bytes are never embedded in serialized transaction bytes.

Security & Safety

  • Distinguishes between PrivateKey and PublicKey by Python class type, not by raw bytes — avoiding ambiguity where ED25519 key bytes might appear identical.
  • Guarantees private material is never serialized or exposed in protobuf representations.
  • Added negative tests confirming serialized transactions contain only public-key fields.

Compatibility

  • Fully backward compatible — existing code using PrivateKey continues to work.
  • New usage allows explicit passing of PublicKey for non-custodial scenarios.

Example:

tx = (
    TokenCreateTransaction()
    .set_token_name("MyToken")
    .set_token_symbol("MTK")
    .set_supply_key(user_public_key)
    .freeze()
    .to_bytes()
)
# Agent sends tx bytes to user for signing with their PrivateKey

Parity with TypeScript SDK

Behavior now matches the JS SDK:

  • Accepts either key type (PrivateKey or PublicKey)
  • Always serializes the public representation internally
  • Enables agents to construct unsigned, serializable transactions securely

Related Issue

Fixes #735

Checklist

  • Backward compatible (no breaking changes)
  • Aligned with JS SDK behavior
  • Unit and integration tests added (ED25519, ECDSA, and non-custodial flow)
  • Security verified (no private-key bytes in serialized proto)
  • Documented in CHANGELOG.md

@Adityarya11 Adityarya11 force-pushed the feat/token-key-union#735 branch 6 times, most recently from a9716f3 to e4adf03 Compare November 8, 2025 17:16
exploreriii
exploreriii reviewed Nov 8, 2025
View reviewed changes
Copy link
Contributor

@exploreriii exploreriii left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @Adityarya11
Good efforts with this, and lots of good content
Some of the tests are using unusual methods that sometimes don't test what you are intending -- this is normal, being fairly new to the sdk, but building knowledge will help improve your accuracy over time
I'd recommend checking with us @nadineloepfe @exploreriii @manishdait and see who may be available over the next few days

@Adityarya11
Copy link
Contributor Author

Adityarya11 commented Nov 9, 2025

Hi @Adityarya11 Good efforts with this, and lots of good content Some of the tests are using unusual methods that sometimes don't test what you are intending -- this is normal, being fairly new to the sdk, but building knowledge will help improve your accuracy over time I'd recommend checking with us @nadineloepfe @exploreriii @manishdait and see who may be available over the next few days

Sorry for lots of confusion in my comments and imports, i am refactoring my code again and will fix ASAP.
thanks

@Adityarya11 Adityarya11 force-pushed the feat/token-key-union#735 branch from e4adf03 to cc4e84f Compare November 9, 2025 04:52
@manishdait manishdait enabled auto-merge (squash) November 9, 2025 04:53
@manishdait manishdait disabled auto-merge November 9, 2025 04:53
@Adityarya11
Copy link
Contributor Author

Adityarya11 commented Nov 9, 2025

@exploreriii can you please approve the test workflow so that i can check whether tests are failing or not...
thanks

manishdait
manishdait reviewed Nov 10, 2025
View reviewed changes
manishdait
manishdait reviewed Nov 10, 2025
View reviewed changes
manishdait
manishdait reviewed Nov 10, 2025
View reviewed changes
manishdait
manishdait reviewed Nov 10, 2025
View reviewed changes
@Adityarya11
Copy link
Contributor Author

Adityarya11 commented Nov 10, 2025

@manishdait fixing all the issues ASAP
Thanks.

@Adityarya11 Adityarya11 force-pushed the feat/token-key-union#735 branch from cc4e84f to ce1b7a1 Compare November 10, 2025 15:07
@Adityarya11
Copy link
Contributor Author

Adityarya11 commented Nov 11, 2025

Hello @exploreriii,
Could you please approve the test workflow run for this PR?... I'd like to check the test results.

Additionally, when either you or @manishdait have a moment, I would appreciate a review.

Thanks

@exploreriii
Copy link
Contributor

exploreriii commented Nov 11, 2025

Yes, thank you for the reminder @Adityarya11
I will try and study the issue and get back to you in the next day or so

exploreriii
exploreriii approved these changes Nov 11, 2025
View reviewed changes
Copy link
Contributor

@exploreriii exploreriii left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @Adityarya11
Well done - thank you for taking the time to get the details
I think this is great
I will pass on to @nadineloepfe or @manishdait for a second opinion as keys are sensitive

exploreriii
exploreriii requested changes Nov 11, 2025
View reviewed changes
Copy link
Contributor

@exploreriii exploreriii left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also, please rebase and change this line

  • feat: Allow PrivateKey to be used for keys in TopicCreateTransaction for consistency.
  • in your changelog

to the new unreleased section as we have released 0.1.8 now

@Adityarya11 Adityarya11 force-pushed the feat/token-key-union#735 branch from ce1b7a1 to 622293f Compare November 12, 2025 05:38
@Adityarya11
feat: Allow PrivateKey in TopicCreateTransaction keys
08d4faa 
Signed-off-by: Adityarya11 <arya050411@gmail.com>
@Adityarya11 Adityarya11 force-pushed the feat/token-key-union#735 branch from 622293f to 08d4faa Compare November 12, 2025 06:27
@exploreriii
Copy link
Contributor

exploreriii commented Nov 12, 2025

Requesting second opinion @nadineloepfe or @manishdait for as keys are sensitive

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@exploreriii exploreriii exploreriii approved these changes

@manishdait manishdait Awaiting requested review from manishdait

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Support passing PublicKey instead of PrivateKey for TokenKeys object in token creation

3 participants

@Adityarya11 @exploreriii @manishdait