BRC-42

Overview

BRC-42 defines a standardized protocol for deriving encryption and signing keys from a master private key. This enables secure, deterministic key generation for various applications and services.

Purpose

BRC-42 solves the key management problem by:

Providing deterministic key derivation
Enabling per-protocol and per-counterparty keys
Supporting both encryption and signing operations
Maintaining privacy through key isolation

Key Concepts

Protocol ID

A unique identifier for each application or protocol (e.g., "hello world", "payments")

Key ID

An identifier for specific use cases within a protocol (e.g., message encryption, data signing)

Counterparty

The public key of the party you're interacting with (optional)

Invoice Number

A unique number for per-interaction keys (optional)

Basic Usage

import { PrivateKey } from '@bsv/sdk'

const privateKey = PrivateKey.fromWif('your-wif-key')

// Derive a key for a specific protocol
const derivedKey = privateKey.deriveChild(
  PrivateKey.fromString('hello world'), // protocolID
  PrivateKey.fromString('encryption')    // keyID
)

Use Cases

Application-Specific Keys

Derive unique keys for different applications without exposing your master key.

Encryption Keys

Generate encryption keys for secure communication with specific counterparties.

Signing Keys

Create signing keys for authentication and message verification.

Invoice-Specific Keys

Generate unique keys for each payment or interaction.

Security Features

Key Isolation: Each protocol/application uses separate keys
Deterministic: Same inputs always produce same keys
Counterparty-Specific: Keys can be unique per interaction partner
Master Key Protection: Master key never needs to be exposed

Private Keys - Key management fundamentals
HD Wallets - Hierarchical key derivation

Code Examples

See Code Features - BRC-42 Key Derivation for complete examples.

Common Patterns

Derive Application Key

const appKey = masterKey.deriveChild(
  PrivateKey.fromString('myapp'),
  PrivateKey.fromString('primary')
)

Derive Counterparty-Specific Key

const sharedKey = masterKey.deriveChild(
  protocolID,
  keyID,
  counterpartyPublicKey
)

Derive Invoice Key

const invoiceKey = masterKey.deriveChild(
  protocolID,
  keyID,
  counterpartyPublicKey,
  invoiceNumber
)

Best Practices

Use descriptive protocol IDs
Document your keyID conventions
Never reuse invoice numbers
Store protocol/key IDs securely
Use counterparty keys when possible for added security

Specification

For the complete BRC-42 specification, visit the official BSV documentation.

PreviousBRC-29 NextCode Features Overview

Last updated 2 months ago

Good night

hashtagOverview

hashtagPurpose

hashtagKey Concepts

hashtagProtocol ID

hashtagKey ID

hashtagCounterparty

hashtagInvoice Number

hashtagBasic Usage

hashtagUse Cases

hashtagApplication-Specific Keys

hashtagEncryption Keys

hashtagSigning Keys

hashtagInvoice-Specific Keys

hashtagSecurity Features

hashtagRelated Components

hashtagCode Examples

hashtagCommon Patterns

hashtagDerive Application Key

hashtagDerive Counterparty-Specific Key

hashtagDerive Invoice Key

hashtagBest Practices

hashtagSpecification