Documentation Index
Fetch the complete documentation index at: https://docs.zodia-custody.com/llms.txt
Use this file to discover all available pages before exploring further.
Key Pairs Required
Two sets of RSA/ECC key pairs are needed before making any API calls.
1. Company Key Pair (RSA)
Used to authenticate all API requests. Generated once per company.
Keys must be RSA, base64-encoded, minimum 2048 bits.
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa
import os
def generate_rsa_keypair(company):
rsa_private_key = rsa.generate_private_key(
public_exponent=65537, key_size=2048, backend=default_backend()
)
private_key_pem = rsa_private_key.private_bytes(
serialization.Encoding.PEM,
serialization.PrivateFormat.PKCS8,
serialization.NoEncryption()
)
with open(os.path.join("keys", company + ".private.pem"), "wb") as f:
f.write(private_key_pem)
public_key_pem = rsa_private_key.public_key().public_bytes(
serialization.Encoding.PEM,
serialization.PublicFormat.SubjectPublicKeyInfo
)
with open(os.path.join("keys", company + ".public.pem"), "wb") as f:
f.write(public_key_pem)
generate_rsa_keypair("ZTEST")
2. User Key Pair (ECC)
Each API user (maker and checker) needs an Elliptic Curve key pair using SECP256R1.
openssl ecparam -name prime256v1 -genkey -noout -out ./private-key.pem
openssl ec -in ./private-key.pem -pubout -out ./public-key.pem
Signature Types
Two distinct signature types are used in the Zodia API:
Onboarding Checklist
- Generate company RSA key pair
- Send
company_pub_key to customerservice@zodia.io
- Generate ECC key pairs for at least one maker and one checker user
- Send user emails, public keys, and roles to customerservice@zodia.io
