Skip to main content
Silvana ensures security by:
  • Two-phase signing: the server prepares a transaction and returns the bytes and a hash. The agent independently recomputes the hash, verifies the transaction with tx-verifier, and only then signs.
  • Transaction verification: before signing, tx-verifier checks that the prepared transaction matches the requested operation (correct template, parties, amounts). This prevents the server from tricking the agent into signing unexpected transactions.
  • Ed25519 JWT authentication: self-describing JWTs embed the Ed25519 public key (RFC 8037); the server verifies the public key fingerprint matches the party ID.
  • Private key isolation: the Ed25519 private key is used only locally for signing transaction hashes and JWTs. It is never transmitted to the server.