Optional
defaultProtected
_getThrow node error
Check if a session key needs to be resigned. These are the scenarios where a session key needs to be resigned:
Authenticates an Auth Method for claiming a Programmable Key Pair (PKP). A MintCallback can be defined for custom on chain interactions by default the callback will forward to a relay server for minting on chain.
an Auth Method and MintCallback
Combine Shares from network public key set and signature shares
final JWT (convert the sig to base64 and append to the jwt)
Calculates a Key Id for claiming a pkp based on a user identifier and an app identifier. The key Identifier is an Auth Method Id which scopes the key uniquely to a specific application context. These identifiers are specific to each auth method and will derive the public key portion of a pkp which will be persisted when a key is claimed.
Auth Method | User ID | App ID |
---|---|---|
Google OAuth | token sub |
token aud |
Discord OAuth | user id | client app identifier |
Stytch OTP | token sub |
token aud |
Lit Actions | user defined | ipfs cid |
Note Lit Action claiming uses a different schema than other auth methods |
user identifier for the Key Identifier
app identifier for the Key Identifier
should be set for true if using claiming through actions
public key of pkp when claimed
Calculates an HD public key from a given keyId The curve type or signature type is assumed to be k256 unless provided
public key
Decrypt ciphertext with the LIT network.
Encrypt data using the LIT network public key.
The encrypted ciphertext and the hash of the data
Execute JS on the nodes and combine and return any resulting signatures
Generates a promise by sending a command to the Lit node
The URL to send the command to.
The parameters to include in the command.
The ID of the request.
A promise that resolves with the response from the server.
Generates a session capability object
An array of ILitResource to be processed.
A Promise resolving to an ISessionCapabilityObject.
Get different formats of access control conditions, eg. evm, sol, unified etc.
Get hash of access control conditions
Optional
debug?: booleanRetrieves session signatures specifically for Lit Actions.
Unlike getPkpSessionSigs
, this function requires either litActionCode
or litActionIpfsId
, and jsParams
must be provided.
The parameters required for retrieving the session signatures.
A promise that resolves with the session signatures.
Retrieves the PKP sessionSigs.
The parameters for retrieving the PKP sessionSigs.
A promise that resolves to the PKP sessionSigs.
Try to get the session key in the local storage, if not, generates one.
session key pair
Retrieves the session signature for a given URL from the sessionSigs map. Throws an error if sessionSigs is not provided or if the session signature for the URL is not found.
The session signature for the given URL.
Retrieves or generates sessionSigs (think access token) for accessing Lit Network resources.
How this function works on a high level:
AuthSig
that specifies the session abilitiesThe process follows these steps:
authSig
) by signing an ERC-5573 “Sign-in with Ethereum” message, which includes resource ability requests, capabilities, expiration, the user's device session public key, and a nonce. The authSig
is retrieved from local storage, and if it has expired, the user will be prompted to re-sign.sessionSigs
) by including the device-generated signature and the original message. The sessionSigs
provide access to Lit Network features such as executeJs
and pkpSign
.Note: When generating session signatures for different PKPs or auth methods, be sure to call disconnectWeb3 to clear auth signatures stored in local storage
An example of how this function is used can be found in the Lit developer-guides-code repository here.
Get the signature from local storage, if not, generates one
Handle node promises
requestId to be logged in case of error
number of nodes we need valid results from in order to resolve
Handshake with Node
Check if a given object is of type SessionKeyPair.
The object to check.
True if the object is of type SessionKeyPair.
Use PKP to sign
Run lit action on a single deterministicly selected node. It's important that the nodes use the same deterministic selection algorithm.
Lit Action: dataToHash -> IPFS CID QmUjX8MW6StQ7NKNdaS6g4RMkvN5hcgtKmEi8Mca6oX4t3
Send a command to nodes
Sign a session public key using a PKP, which generates an authSig.
An object containing the resulting signature.
Static
generateGenerates wildcard capability for each of the LIT resources specified.
is an array of LIT resources
Optional
addAllCapabilities: booleanis a boolean that specifies whether to add all capabilities for each resource
Static
get
You can find all these available networks in the
constants
packageExample