ReadonlyaccountAccount address associated with the account
ReadonlyaudThe value of the 'aud' claim on the JWT, also known as client ID. This is the identifier for the dApp's OIDC registration with the identity provider.
ReadonlyephemeralThe EphemeralKeyPair used to generate sign.
ReadonlyjwtThe JWT token used to derive the account
ReadonlypepperA value contains 31 bytes of entropy that preserves privacy of the account. Typically fetched from a pepper provider.
The zero knowledge signature (if ready) which contains the proof used to validate the EphemeralKeyPair.
ReadonlyproofThe proof of the EphemeralKeyPair or a promise that provides the proof. This is used to allow for awaiting on fetching the proof.
ReadonlypublicThe FederatedKeylessPublicKey associated with the account
ReadonlysigningSigning scheme used to sign transactions
ReadonlyuidThe claim on the JWT to identify a user. This is typically 'sub' or 'email'.
ReadonlyuidThe value of the uidKey claim on the JWT. This intended to be a stable user identifier.
This initializes the asynchronous proof fetch
Emits whether the proof succeeds or fails, but has no return.
Checks if the proof is expired. If so the account must be re-derived with a new EphemeralKeyPair and JWT token.
boolean
Sign the given message using Keyless.
in HexInput format
Signature
Sign the given transaction with Keyless. Signs the transaction and proof to guard against proof malleability.
the transaction to be signed
KeylessSignature
Sign a transaction using Keyless.
the raw transaction
the AccountAuthenticator containing the signature of the transaction, together with the account's public key
Sign a message using Keyless.
the message to sign, as binary input
the AccountAuthenticator containing the signature, together with the account's public key
Note - This function is currently incomplete and should only be used to verify ownership of the KeylessAccount
Verifies a signature given the message.
the message that was signed.
the KeylessSignature to verify
boolean
Verify the given message and signature with the public key. It fetches any on chain state if needed for verification.
The arguments for verifying the signature.
The configuration object for connecting to the Aptos network
Raw message data in HexInput format.
Optionaloptions?: { throwErrorWithReason?: boolean }Signed message signature.
A boolean indicating whether the signature is valid.
Waits for asynchronous proof fetching to finish.
Serializes a Serializable value to its BCS representation.
This function is the TypeScript SDK equivalent of bcs::to_bytes in Move.
the BCS representation of the Serializable instance as a byte buffer.
Converts the BCS-serialized bytes of a value into a Hex instance. This function provides a Hex representation of the BCS-serialized data for easier handling and manipulation.
A Hex instance with the BCS-serialized bytes loaded into its underlying Uint8Array.
Use the static generator FederatedKeylessAccount.create(...) instead.
Creates a KeylessAccount instance using the provided parameters.
This function allows you to set up a KeylessAccount with specific attributes such as address, proof, and JWT.
The parameters for creating a KeylessAccount.
Optionaladdress?: AccountAddressOptional account address associated with the KeylessAccount.
Optionalaudless?: booleanThe ephemeral key pair used in the account creation.
The address which stores the JSON Web Key Set (JWKS) used to verify the JWT.
A JSON Web Token used for authentication.
A Zero Knowledge Signature or a promise that resolves to one.
OptionalproofFetchCallback?: ProofFetchCallbackOptional callback function for fetching proof.
Optional key for user identification, defaults to "sub".
OptionalverificationKeyHash?: HexInputValidates that the Keyless Account can be used to sign transactions.
Serializes the transaction data into a format suitable for transmission or storage. This function ensures that both the transaction bytes and the proof are properly serialized.
The serializer instance used to convert the transaction data into bytes.
Returns the hex string representation of the Serializable value with the 0x prefix.
the hex formatas a string prefixed by 0x.
Returns the hex string representation of the Serializable value without the 0x prefix.
the hex format as a string without 0x prefix.
StaticcreateCreates a KeylessAccount instance using the provided parameters. This function allows you to set up a KeylessAccount with specific attributes such as address, proof, and JWT. This is used instead of the KeylessAccount constructor.
The parameters for creating a KeylessAccount.
Optionaladdress?: AccountAddressOptional account address associated with the KeylessAccount.
The ephemeral key pair used in the account creation.
The address which stores the JSON Web Key Set (JWKS) used to verify the JWT.
A JSON Web Token used for authentication.
A Zero Knowledge Signature or a promise that resolves to one.
OptionalproofFetchCallback?: ProofFetchCallbackOptional callback function for fetching proof.
OptionaluidKey?: stringOptional key for user identification, defaults to "sub".
OptionalverificationKey?: Groth16VerificationKeyOptionalverificationKeyHash?: Uint8Array<ArrayBufferLike>StaticdeserializeDeserializes the provided deserializer to create a KeylessAccount instance. This function extracts necessary components such as the JWT, UID key, pepper, ephemeral key pair, and proof from the deserializer.
The deserializer instance used to retrieve the serialized data.
A KeylessAccount instance created from the deserialized data.
StaticfetchJWKFetches the JWK from the issuer's well-known JWKS endpoint.
The kid of the JWK to fetch
The keyless public key to query
A JWK matching the kid in the JWT header.
StaticfromDeserialize bytes using this account's information.
The bytes being interpreted.
Staticpartial
Account implementation for the FederatedKeyless authentication scheme.
Used to represent a FederatedKeyless based account and sign transactions with it.
Use
FederatedKeylessAccount.create()to instantiate a KeylessAccount with a JSON Web Token (JWT), proof, EphemeralKeyPair and the address the JSON Web Key Set (JWKS) are installed that will be used to verify the JWT.When the proof expires or the JWT becomes invalid, the KeylessAccount must be instantiated again with a new JWT, EphemeralKeyPair, and corresponding proof.