Understanding spubKey & encSPriKey

Community Member
edited December 2022 in CLI

Hey 1Password Team, first off amazing!! Thank you for being so open / transparent with how all of this cryptography works. I do not have any cryptography background and over the last month I've gone from zero knowledge to now having my own set of tools for interacting with 1Password (just to see how it works).

However, now that I've been nosy, what are the spubKey and encSPriKey?

My guess is that they roughly translate to "Public Signing Key" and "Private Signing Key".

In case not immediately familiar with these fields, in the POST to /api/v1/account, the initial keyset contains the following keys:

  • encSymKey
  • pubKey
  • encPriKey
  • spubKey
  • encSPriKey

I'm familiar with the first three as those represent elements needed to unlock the vaults. But I cannot figure out where the spubKey and encSPriKey come into play.

My guess is that they come into play when sharing secrets between accounts. In the white-paper, Appendix E talks about "Verifying public keys" and the challenges inherint in validating a public key against a MITM attack. So... I think these keys are an implementation of the proposed solution in Appendix E (Patty & Molly talk directly to each other) but I'm not sure.

Any clues / hints would be greatly appreciated.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Referrer: forum-search:encSPriKey

This discussion has been closed.