Table of Contents

Class SecretShare

Namespace
PostQuantum.SecretSharing
Assembly
PostQuantum.SecretSharing.dll

One parsed .pqss share: its public metadata plus the (deliberately non-public) y-coordinate data and integrity material. Construct shares with Split(ReadOnlySpan<byte>, SharePolicy), serialize with Export(), and parse with Import(ReadOnlySpan<byte>).

public sealed class SecretShare
Inheritance
SecretShare
Inherited Members

Remarks

The raw share data (the polynomial y-values) is intentionally not exposed as a public property: a caller has no legitimate reason to read it, and exposing it only widens the attack surface for misuse. Reconstruction reads it through internal channels.

Properties

Authentication

How this share is authenticated.

public ShareAuthenticationKind Authentication { get; }

Property Value

ShareAuthenticationKind

DealerPublicKey

The embedded dealer public key, or empty if Authentication is None.

public ReadOnlyMemory<byte> DealerPublicKey { get; }

Property Value

ReadOnlyMemory<byte>

SecretLength

The secret length in bytes, equal to the share data length.

public int SecretLength { get; }

Property Value

int

ShareIndex

This share's x-coordinate, in 1..n.

public int ShareIndex { get; }

Property Value

int

SplitId

The 16-byte random identifier shared by every share of one split.

public ReadOnlyMemory<byte> SplitId { get; }

Property Value

ReadOnlyMemory<byte>

Threshold

The quorum size k required to reconstruct.

public int Threshold { get; }

Property Value

int

TotalShares

The total number of shares n issued in this split.

public int TotalShares { get; }

Property Value

int

Methods

Export()

Serializes this share to its canonical .pqss byte encoding (all keys, including the signature when present).

public byte[] Export()

Returns

byte[]

Import(ReadOnlySpan<byte>)

Strictly parses pqssBytes into a SecretShare, rejecting any non-canonical encoding, unknown field, type mismatch, range violation, length inconsistency, or field whose presence contradicts the declared authentication mode. Does not verify the signature — authentication happens at reconstruction.

public static SecretShare Import(ReadOnlySpan<byte> pqssBytes)

Parameters

pqssBytes ReadOnlySpan<byte>

Returns

SecretShare

Exceptions

ShareFormatException

Malformed, non-canonical, or internally inconsistent encoding.

SharePolicyException

A policy field (k, n, or index) is out of its allowed range.

VerifySignature(ReadOnlyMemory<byte>?)

Verifies this single share's dealer signature, without reconstructing anything — useful for checking shares one at a time (e.g. as trustees present them) before a quorum exists.

public bool VerifySignature(ReadOnlyMemory<byte>? expectedDealerPublicKey = null)

Parameters

expectedDealerPublicKey ReadOnlyMemory<byte>?

If supplied, the share's embedded dealer key must equal it (your pin). If omitted, the signature is checked against the embedded key, which is self-attestation, not authority — pass the pin for a real guarantee.

Returns

bool

true if the share is ML-DSA-65-authenticated, matches the pinned key (when given), and its signature verifies; false for an unauthenticated share, a key mismatch, or a bad signature.

Exceptions

PlatformNotSupportedException

Where ML-DSA-65 is unavailable (net8.0 / unsupported platforms).