Class FederatedKeylessAccount

Account implementation for the FederatedKeyless authentication scheme.

Used to represent a FederatedKeyless based account and sign transactions with it.

Use FederatedKeylessAccount.create to instantiate a KeylessAccount with a JWT, proof, EphemeralKeyPair and the address the JWKs are installed that will be used to verify the JWT.

When the proof expires or the JWT becomes invalid, the KeylessAccount must be instantiated again with a new JWT, EphemeralKeyPair, and corresponding proof.

Hierarchy (view full)

Constructors

constructor

Properties

accountAddress aud ephemeralKeyPair jwt pepper proof proofOrPromise publicKey signingScheme uidKey uidVal PEPPER_LENGTH

Methods

bcsToBytes bcsToHex init isExpired serialize sign signTransaction signTransactionWithAuthenticator signWithAuthenticator verifySignature waitForProofFetch create deserialize fromBytes

Constructors

Private constructor

Properties

Readonly accountAddress

accountAddress: AccountAddress

Account address associated with the account

Readonly aud

aud: string

The value of the 'aud' claim on the JWT, also known as client ID. This is the identifier for the dApp's OIDC registration with the identity provider.

Readonly ephemeralKeyPair

ephemeralKeyPair: EphemeralKeyPair

The EphemeralKeyPair used to generate sign.

Readonly jwt

jwt: string

The JWT token used to derive the account

Readonly pepper

pepper: Uint8Array

A value contains 31 bytes of entropy that preserves privacy of the account. Typically fetched from a pepper provider.

proof

proof: undefined | ZeroKnowledgeSig

The zero knowledge signature (if ready) which contains the proof used to validate the EphemeralKeyPair.

Readonly proofOrPromise

proofOrPromise: ZeroKnowledgeSig | Promise<ZeroKnowledgeSig>

The proof of the EphemeralKeyPair or a promise that provides the proof. This is used to allow for awaiting on fetching the proof.

Readonly publicKey

publicKey: FederatedKeylessPublicKey

The FederatedKeylessPublicKey associated with the account

Readonly signingScheme

signingScheme: SigningScheme

Signing scheme used to sign transactions

Readonly uidKey

uidKey: string

The claim on the JWT to identify a user. This is typically 'sub' or 'email'.

Readonly uidVal

uidVal: string

The value of the uidKey claim on the JWT. This intended to be a stable user identifier.

Static Readonly PEPPER_LENGTH

PEPPER_LENGTH: number = 31

Methods

bcsToBytes

  • bcsToBytes(): Uint8Array

  • Serializes a Serializable value to its BCS representation. This function is the Typescript SDK equivalent of bcs::to_bytes in Move.

    Returns Uint8Array

    the BCS representation of the Serializable instance as a byte buffer

bcsToHex

init

isExpired

serialize

sign

signTransaction

signTransactionWithAuthenticator

signWithAuthenticator

verifySignature

waitForProofFetch

Static create

Static deserialize

Static fromBytes

Settings

Member Visibility

Theme

On This Page

constructoraccountAddressaudephemeralKeyPairjwtpepperproofproofOrPromisepublicKeysigningSchemeuidKeyuidValPEPPER_LENGTHbcsToBytesbcsToHexinitisExpiredserializesignsignTransactionsignTransactionWithAuthenticatorsignWithAuthenticatorverifySignaturewaitForProofFetchcreatedeserializefromBytes