auth-k1
Actions
SystemService::AuthK1
struct SystemService::AuthK1 {
const psibase::AccountNumber service;
checkAuthSys(...); // This is an implementation of the standard auth service interface defined in [SystemService::AuthInterface]
canAuthUserSys(...); // This is an implementation of the standard auth service interface defined by [SystemService::AuthInterface]
setKey(...); // Set the sender's public key
};
The auth-k1
service is an auth service that can be used to authenticate actions for accounts.
Any account using this auth service must store in this service an ECDCSA public key that they own. This service will ensure that the specified public key is included in the transaction claims for any transaction sent by this account.
This service only supports K1 keys (Secp256K1) keys.
SystemService::AuthK1::checkAuthSys
void SystemService::AuthK1::checkAuthSys(
uint32_t flags,
psibase::AccountNumber requester,
psibase::AccountNumber sender,
ServiceMethod action,
std::vector<ServiceMethod> allowedActions,
std::vector<psibase::Claim> claims
);
This is an implementation of the standard auth service interface defined in SystemService::AuthInterface.
This action is automatically called by transact
when an account using this auth service submits a
transaction.
This action verifies that the transaction contains a claim for the user's public key.
SystemService::AuthK1::canAuthUserSys
void SystemService::AuthK1::canAuthUserSys(
psibase::AccountNumber user
);
This is an implementation of the standard auth service interface defined by SystemService::AuthInterface.
This action is automatically called by accounts
when an account is configured to use this auth service.
Verifies that a particular user is allowed to use a particular auth service.
This action allows any user who has already set a public key using AuthK1::setKey
.
SystemService::AuthK1::setKey
void SystemService::AuthK1::setKey(
psibase::PublicKey key
);
Set the sender's public key.
This is the public key that must be claimed by the transaction whenever a sender using this auth service submits a transaction. Only accepts K1 keys.
Tables
SystemService::AuthK1Record::AuthRecord
struct SystemService::AuthK1Record::AuthRecord {
psibase::AccountNumber account; // The account whose transactions will be required to contain the specified public key.
psibase::PublicKey pubkey; // The public key included in the claims for each transaction sent by this account.
byPubkey(...);
};
A record containing the authorization claims needed for an account using this auth service..
SystemService::AuthK1Record::AuthRecord::byPubkey
std::tuple<PublicKey, AccountNumber> SystemService::AuthK1Record::AuthRecord::byPubkey() const;