Account implementation for the Keyless authentication scheme.

Used to represent a Keyless based account and sign transactions with it.

Use KeylessAccount.create() to instantiate a KeylessAccount with a JWT, proof and EphemeralKeyPair.

When the proof expires or the JWT becomes invalid, the KeylessAccount must be instantiated again with a new JWT, EphemeralKeyPair, and corresponding proof.


Implementation - Account (On-Chain Model)

  • Use the static generator create(...) instead. Creates an instance of the KeylessAccount with an optional proof.

    Parameters

    • args: {
          address?: AccountAddress;
          aud: string;
          ephemeralKeyPair: EphemeralKeyPair;
          iss: string;
          jwt: string;
          pepper: HexInput;
          proof: ZeroKnowledgeSig | Promise<ZeroKnowledgeSig>;
          proofFetchCallback?: ProofFetchCallback;
          uidKey: string;
          uidVal: string;
          verificationKeyHash?: HexInput;
      }

      The parameters for creating a KeylessAccount.

      • Optional address?: AccountAddress

        Optional account address associated with the KeylessAccount.

      • aud: string

        The value of the 'aud' claim on the JWT, also known as client ID. This is the identifier for the dApp's OIDC registration with the identity provider.

      • ephemeralKeyPair: EphemeralKeyPair

        The ephemeral key pair used in the account creation.

      • iss: string

        A JWT issuer.

      • jwt: string

        A JSON Web Token used for authentication.

      • pepper: HexInput

        The pepper as hexadecimal input: 31 bytes of entropy that preserve the privacy of the account.

      • proof: ZeroKnowledgeSig | Promise<ZeroKnowledgeSig>

        A Zero Knowledge Signature or a promise that resolves to one.

      • Optional proofFetchCallback?: ProofFetchCallback

        Optional callback function for fetching proof.

      • uidKey: string

        The claim on the JWT to identify a user. This is typically 'sub' or 'email'.

      • uidVal: string

        The unique id for this user, intended to be a stable user identifier.

      • Optional verificationKeyHash?: HexInput

    Returns KeylessAccount
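An added example, not part of the SDK or its documentation: a pre-flight check that the iss, aud, uidKey/uidVal and pepper arguments listed above agree with the JWT's claims, and that the token has not expired, before they are passed to KeylessAccount.create(). The names checkKeylessArgs and CreateArgs and all sample values are hypothetical, the pepper is assumed to be given as a hex string, and the JWT signature is not verified here.

```typescript
// Added example, not SDK code: pre-flight checks on KeylessAccount.create() arguments.
// All function and type names here are hypothetical; the JWT signature is NOT verified.
const B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
const PEPPER_LENGTH = 31; // bytes, as stated on this page

function b64urlEncode(s: string): string { // ASCII only; used to build the sample below
  let acc = 0, bits = 0, out = "";
  for (let i = 0; i < s.length; i++) {
    acc = ((acc << 8) | s.charCodeAt(i)) & 0xffff; bits += 8;
    while (bits >= 6) { bits -= 6; out += B64.charAt((acc >> bits) & 63); }
  }
  return bits > 0 ? out + B64.charAt((acc << (6 - bits)) & 63) : out;
}

function b64urlDecode(s: string): string { // ASCII payloads only
  let acc = 0, bits = 0, out = "";
  for (let i = 0; i < s.length; i++) {
    const v = B64.indexOf(s.charAt(i));
    if (v < 0) throw new Error("invalid base64url character");
    acc = ((acc << 6) | v) & 0xffff; bits += 6;
    if (bits >= 8) { bits -= 8; out += String.fromCharCode((acc >> bits) & 0xff); }
  }
  return out;
}

interface CreateArgs { jwt: string; iss: string; aud: string; uidKey: string; uidVal: string; pepper: string }

// Returns a list of problems; an empty list means the arguments agree with the JWT.
function checkKeylessArgs(a: CreateArgs, nowSecs: number): string[] {
  const parts = a.jwt.split(".");
  if (parts.length !== 3) return ["jwt is not a three-part compact token"];
  const claims = JSON.parse(b64urlDecode(String(parts[1])));
  const auds: string[] = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  const problems: string[] = [];
  if (claims.iss !== a.iss) problems.push("iss does not match the JWT");
  if (auds.indexOf(a.aud) < 0) problems.push("aud does not match the JWT");
  if (claims[a.uidKey] !== a.uidVal) problems.push("uidVal does not match claim " + a.uidKey);
  if (typeof claims.exp !== "number" || claims.exp <= nowSecs) problems.push("jwt expired: new JWT, EphemeralKeyPair and proof needed");
  if (!new RegExp("^(0x)?[0-9a-fA-F]{" + PEPPER_LENGTH * 2 + "}$").test(a.pepper)) problems.push("pepper is not " + PEPPER_LENGTH + " bytes of hex");
  return problems;
}

// Constructed sample input: issuer, client ID, subject and pepper are made-up values.
const SAMPLE_PAYLOAD = '{"iss":"https://issuer.example","aud":"dapp-client-id","sub":"user-123","exp":2000000000}';
const SAMPLE_ARGS: CreateArgs = {
  jwt: b64urlEncode('{"alg":"RS256"}') + "." + b64urlEncode(SAMPLE_PAYLOAD) + ".c2ln",
  iss: "https://issuer.example", aud: "dapp-client-id", uidKey: "sub", uidVal: "user-123",
  pepper: "0x" + new Array(PEPPER_LENGTH + 1).join("ab"),
};
```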

accountAddress: AccountAddress

Account address associated with the account

aud: string

The value of the 'aud' claim on the JWT, also known as client ID. This is the identifier for the dApp's OIDC registration with the identity provider.

ephemeralKeyPair: EphemeralKeyPair

The EphemeralKeyPair used to generate signatures.

jwt: string

The JWT token used to derive the account

pepper: Uint8Array

A value containing 31 bytes of entropy that preserves the privacy of the account. Typically fetched from a pepper provider.

proof: undefined | ZeroKnowledgeSig

The zero knowledge signature (if ready) which contains the proof used to validate the EphemeralKeyPair.

proofOrPromise: ZeroKnowledgeSig | Promise<ZeroKnowledgeSig>

The proof of the EphemeralKeyPair or a promise that provides the proof. This is used to allow for awaiting on fetching the proof.

publicKey: KeylessPublicKey

The KeylessPublicKey associated with the account

signingScheme: SigningScheme = SigningScheme.SingleKey

Signing scheme used to sign transactions

uidKey: string

The claim on the JWT to identify a user. This is typically 'sub' or 'email'.

uidVal: string

The value of the uidKey claim on the JWT. This is intended to be a stable user identifier.

  • Serializes the transaction data into a format suitable for transmission or storage. This function ensures that both the transaction bytes and the proof are properly serialized.

    Parameters

    • serializer: Serializer

      The serializer instance used to convert the transaction data into bytes.

    Returns void

  • Deserializes the provided deserializer to create a KeylessAccount instance. This function extracts necessary components such as the JWT, UID key, pepper, ephemeral key pair, and proof from the deserializer.

    Parameters

    • deserializer: Deserializer

      The deserializer instance used to retrieve the serialized data.

    Returns KeylessAccount

    A KeylessAccount instance created from the deserialized data.

Implementation - BCS

  • Serializes a Serializable value to its BCS representation. This function is the TypeScript SDK equivalent of bcs::to_bytes in Move.

    Returns Uint8Array

    The BCS representation of the Serializable instance as a byte buffer.

  • Converts the BCS-serialized bytes of a value into a Hex instance. This function provides a Hex representation of the BCS-serialized data for easier handling and manipulation.

    Returns Hex

    A Hex instance with the BCS-serialized bytes loaded into its underlying Uint8Array.

Methods

Properties

verificationKeyHash?: Uint8Array

The hash of the verification key used to verify the proof. This is optional and can be used to check verifying key rotations which may invalidate the proof.

PEPPER_LENGTH: number = 31