Skip to content

docs: document ML-DSA-65 post-quantum access keys#3061

Open
r-near wants to merge 12 commits into
masterfrom
docs/post-quantum-access-keys
Open

docs: document ML-DSA-65 post-quantum access keys#3061
r-near wants to merge 12 commits into
masterfrom
docs/post-quantum-access-keys

Conversation

@r-near

@r-near r-near commented Jun 18, 2026

Copy link
Copy Markdown
Contributor

What

Documents the ML-DSA-65 (FIPS 204) post-quantum signature scheme as a third access-key / transaction-signing option alongside ed25519 and secp256k1.

Covers the feature added in nearcore#15731 and its support across NEAR tooling:

Changes

  • protocol/accounts-contracts/access-keys.mdx — new Signature Schemes section (a canonical comparison of the three schemes) plus a Post-Quantum Keys (ML-DSA-65) subsection covering FIPS 204, key/signature sizes, on-chain hash storage (32-byte SHA3-256), the ml-dsa-65-hash: view behavior, and pointers to the CLI and library tooling.
  • api/rpc/contracts.mdx — documents view_access_key and view_access_key_list (previously undocumented) and how ml-dsa-65 keys surface as ml-dsa-65-hash: in key lists.
  • tools/cli.mdx — new Generate a key pair section (generate-keypair), --signature-scheme ml-dsa-65 examples on the add-key autogenerate flow, and a note on the delete-key picker limitation for hash-only PQ keys.
  • tools/near-api.mdx — new Post-Quantum Keys (ML-DSA-65) section with near-kit (TypeScript) and near-kit-rs (Rust) examples for generating, adding, and signing with a post-quantum key.
  • smart-contracts/anatomy/actions.mdx — note that add_access_key / add_full_access_key accept ml-dsa-65 public keys with no code changes.
  • smart-contracts/anatomy/environment.mdx — note that signer_account_pk may return an ml-dsa-65 key.

Notes for reviewers

  • Live on testnet. ML-DSA-65 is enabled by the PostQuantumSignatures protocol feature (protocol version 85, the nearcore 2.13 line) and is available on testnet, so content is written GA-style.
  • Scope: access keys + transaction signing only. Validator (staking) keys, block production, implicit-account addresses, and on-chain signature verification remain ed25519 / secp256k1. PQ keys are random-only (no seed phrase) and have no implicit-account form today (the nearcore source notes an ML-DSA-65 implicit-account form as a possible future addition).
  • Client-library support: near-kit (TypeScript) and near-kit-rs (Rust) both support ml-dsa-65 end-to-end — keygen, add-key, signing, and parsing the ml-dsa-65-hash: view handle. near-api-js and py-near support is still pending, a follow-up for when it lands.
  • Corrected hash detail: the on-trie access-key handle is a 32-byte SHA3-256 digest (ML_DSA_65_HASH_LENGTH = 32; to_public_key_handle uses Sha3_256), not a 48-byte SHA3-384 hash as an earlier revision stated. Verified against nearcore core/crypto/src/signature.rs and cross-checked against both near-kit and near-kit-rs. Other values also verified: sizes 1952 / 3309 / 4032 B, domain tag near:ml-dsa-65-pubkey-hash:v1.

@mintlify

mintlify Bot commented Jun 18, 2026

Copy link
Copy Markdown
Contributor

Preview deployment for your docs. Learn more about Mintlify Previews.

Project Status Preview Updated (UTC)
neardocs 🟢 Ready View Preview Jun 18, 2026, 5:59 PM

💡 Tip: Enable Workflows to automatically generate PRs for you.

Resolve access-keys.mdx: keep both the new 'Limited Access Key Caveats'
(from master) and 'Signature Schemes' (this branch) sections.
…kit + near-kit-rs support

- Fix hash size in access-keys.mdx and rpc/contracts.mdx: nearcore
  core/crypto/src/signature.rs stores a 32-byte SHA3-256 digest
  (ML_DSA_65_HASH_LENGTH = 32, to_public_key_handle uses Sha3_256),
  not a 48-byte SHA3-384 hash.
- Add a Post-Quantum Keys (ML-DSA-65) section to tools/near-api.mdx with
  near-kit (TypeScript) and near-kit-rs (Rust) examples.
- Add a tooling/library pointer from the access-keys concept page.
@r-near r-near marked this pull request as ready for review July 2, 2026 00:33
Copilot AI review requested due to automatic review settings July 2, 2026 00:33

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR documents the new ML-DSA-65 (FIPS 204) post-quantum signature scheme as a supported access-key / transaction-signing option on NEAR, alongside ed25519 and secp256k1, and explains how it appears in RPC and tooling.

Changes:

  • Adds a canonical “Signature Schemes” section and an ML-DSA-65 subsection explaining on-chain hash storage and ml-dsa-65-hash: view handles.
  • Documents previously missing RPC query methods (view_access_key, view_access_key_list) and their ML-DSA-65 behavior.
  • Adds CLI and near-kit / near-kit-rs docs and examples for generating, adding, and using ML-DSA-65 keys; updates smart-contract anatomy docs to note ML-DSA-65 key sizes and support.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
tools/near-api.mdx Adds near-kit / near-kit-rs sections and examples for ML-DSA-65 key generation and transaction signing.
tools/cli.mdx Documents generate-keypair, --signature-scheme ml-dsa-65, autogeneration flows, and deletion limitations for hash-only listings.
smart-contracts/anatomy/environment.mdx Notes that signer_account_pk may return larger ML-DSA-65 public keys.
smart-contracts/anatomy/actions.mdx Notes that add_access_key accepts ML-DSA-65 public keys without code changes.
protocol/accounts-contracts/access-keys.mdx Adds signature-scheme comparison and detailed ML-DSA-65 on-chain hash/handle behavior.
api/rpc/contracts.mdx Adds RPC documentation for viewing access keys and ML-DSA-65 ml-dsa-65-hash: handles in lists.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread tools/near-api.mdx
Comment thread tools/near-api.mdx
Comment thread smart-contracts/anatomy/environment.mdx Outdated
Comment thread tools/cli.mdx Outdated

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9f9a620347

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread protocol/accounts-contracts/access-keys.mdx Outdated
Comment thread tools/cli.mdx Outdated
r-near added 6 commits July 1, 2026 17:44
Addresses review: the snippet used `near` without defining it.
…mple

Addresses review: the snippet used `near` without defining it.
Addresses review: near-sdk-rs returns a PublicKey and near-sdk-js returns raw
bytes; the note implied a preformatted string.
Addresses review: 'as in the example above' was ambiguous between the full and
short forms; the short form has no public-keys argument.
Addresses review: matching a view_access_key_list handle requires hashing
'near:ml-dsa-65-pubkey-hash:v1' || pubkey with SHA3-256, per nearcore
MlDsa65PublicKey::to_public_key_handle; hashing the bare key won't match.
Addresses review: the limitation is that a PQ key has no implicit-account form,
not that keys can only go on named accounts; an ml-dsa-65 key can be added to
any existing account (named or implicit) via AddKey.
r-near added a commit to near/near-cli-rs that referenced this pull request Jul 2, 2026
## What

Adds full CLI support for the post-quantum **ML-DSA-65** (FIPS 204)
signature scheme that NEAR protocol 2.13 introduces as a third
access-key type, alongside the classic **Ed25519**.

**1. A new offline `near generate-keypair` command** — create a key pair
for either scheme and print it or save it to a JSON file (no account, no
network):

```
near generate-keypair --signature-scheme ml-dsa-65 print-to-terminal
near generate-keypair --signature-scheme ml-dsa-65 save-to-file ./pq-key.json
```

**2. A `--signature-scheme` option on the on-chain autogenerate flows**
— `account add-key`, `account create-account fund-myself`, and `account
create-account sponsor-by-faucet-service` can now autogenerate and
submit an ML-DSA-65 access key:

```
near account add-key alice.testnet grant-full-access \
  autogenerate-new-keypair --signature-scheme ml-dsa-65 save-to-keychain network-config testnet ...
```

The flag **defaults to `ed25519` when omitted** (and only prompts in an
interactive terminal), so every existing non-interactive invocation
behaves exactly as before. ML-DSA-65 keys are also emitted in the
standard `ml-dsa-65:<base58>` string form, so an externally generated
key can be added via the existing `account add-key …
use-manually-provided-public-key` flow too.

## Why

NEAR protocol **2.13** introduces post-quantum ML-DSA-65 access keys
(see near/nearcore#15731). This lands the CLI side: generating PQ key
pairs. Related ecosystem work: near/docs#3061, near/near-sdk-rs#1557.

## ⚠️ Draft: dependency pins

The nearcore 2.13 crates are **not published to crates.io yet**, so this
PR temporarily git-pins every crate that exchanges `near-primitives` /
`near-crypto` types to the same nearcore `2.13-release` rev (`46483c8d`)
plus matching draft branches of the client libraries, so they all
resolve to one version:

- `near-crypto`, `near-primitives`, `near-jsonrpc-primitives`,
`near-parameters` → `near/nearcore@46483c8d` (2.13-release)
- `near-jsonrpc-client` → near/near-jsonrpc-client-rs#190 (draft)
- `near-socialdb-client` → near/near-socialdb-client-rs#49 (draft)

**These pins must be swapped back to published crates.io versions before
merge/release, once nearcore 2.13 ships.** This is why the PR is a
draft.

## 2.13 API adaptations

Bumping to 2.13 required adapting to a few `near-primitives` /
`near-crypto` changes (unrelated to keygen, but needed to compile):

- New `Action::DelegateV2` / `ActionView::DelegateV2` (v2
meta-transactions) — handled in the transaction display paths.
- New `ActionErrorKind::DelegateActionInvalidNonceIndex` and
`InvalidAccessKeyError::DelegateActionRequiresNonGasKey` /
`DelegateActionRequiresGasKey` (gas keys) — mapped to CLI error
messages.
- `QueryRequest::ViewState` gained `after_key` / `limit` fields.
- The access-key list now returns `PublicKeyHandle`; the delete-key
picker uses `full_pubkey()` and skips ML-DSA-65 entries (which are
stored on-chain only as a hash, so the full key isn't recoverable for a
`DeleteKey` action).
- `KeyType` no longer derives `PartialEq` — comparisons switched to
pattern matching.

## Scope / limitations

- ML-DSA-65 keys are generated **randomly** (no seed-phrase / HD
recovery — there is no NEAR standard for that yet) and have no
implicit-account-id form (deferred to a later protocol milestone), so
`create-account` *named*-account flows support them but the
`ed25519`-only implicit-account paths are unchanged.
- On-chain use of PQ keys is enabled by the `PostQuantumSignatures`
protocol feature, **stabilized at protocol version 85** (the 2.13 stable
version) — so the `AddKey` transactions these flows build become valid
on a network once it upgrades to protocol 85 with the 2.13 rollout (it
is *not* nightly-gated).

## Testing

- New unit tests generate an ML-DSA-65 key pair, parse it back through
`near-crypto`, and verify a signature round-trips.
- Full suite green locally: `cargo test --all-features`, `cargo clippy
--all-features --all-targets -- -D warnings`, `cargo fmt --check`, and
the `--no-default-features` (+`ledger`) checks.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Status: NEW❗

Development

Successfully merging this pull request may close these issues.

2 participants