🔐 Offline / Client-Side Key Derivation for ICP (ECDSA & Schnorr)

marc0olo · October 16, 2025, 2:48pm

Developers can derive canister public keys entirely offline / client-side, without calling the management canister.
We’ve released a new Rust library, and a TypeScript library many developers haven’t discovered yet — both supporting ECDSA and Schnorr key derivation.

Why this matters
ICP’s key derivation is deterministic and public — given the master public key, canister ID, and derivation path, anyone can compute the same canister public key locally.
No secrets. No blockchain calls. Just pure math.

What this enables

Verify canister public keys offline / client-side
Derive blockchain addresses (e.g. Ethereum, Bitcoin) for canisters
Build explorers or dashboards showing cross-chain balances
Simplify development and testing without connecting to ICP

Learn how it works

Get started

Rust: ic-pub-key (brand new)
TypeScript: @dfinity/ic-pub-key

marc0olo · October 16, 2025, 2:51pm

@franzstefan @JackLloyd I decided to post about this topic here as @skilesare wasn’t aware that this is possible. so I assume others might also not be aware

do we also have a plan to create a Motoko library?

Topic		Replies	Views
RSA Rust lib for key generation and encryption Rust	5	1218	February 16, 2023
How to create secp256k1 hash using rust or motoko in dfinity Language Support Motoko	3	1488	August 9, 2021
Completed: ICDevs.org Bounty #27b - NoKeyWallet - Rust - up to $10k Bounties & RFPs Discussing	23	2537	December 19, 2022
Freezer: ICDevs.org Bounty #23b - Private Candid - Rust Bounties & RFPs	1	913	August 11, 2022
Retired: ICDevs.org - Bounty #23b - MetaCalls - Rust - up to $10k Bounties & RFPs Discussing	8	1959	September 28, 2023

🔐 Offline / Client-Side Key Derivation for ICP (ECDSA & Schnorr)

Related topics