Class LitNodeClientNodeJs

constructor

• new LitNodeClientNodeJs(args): LitNodeClientNodeJs

• Parameters

  • args: LitNodeClientConfig | CustomNetwork

  Returns LitNodeClientNodeJs

OptionaldefaultAuthCallback

checkNeedToResignSessionKey

• checkNeedToResignSessionKey(__namedParameters): Promise<boolean>

• Check if a session key needs to be resigned. These are the scenarios where a session key needs to be resigned:

  1. The authSig.sig does not verify successfully against the authSig.signedMessage
  2. The authSig.signedMessage.uri does not match the sessionKeyUri
  3. The authSig.signedMessage does not contain at least one session capability object

  Parameters

  • __namedParameters: {
        authSig: AuthSig;
        resourceAbilityRequests: LitResourceAbilityRequest[];
        sessionKeyUri: any;
    }

    • authSig: AuthSig

    • resourceAbilityRequests: LitResourceAbilityRequest[]

    • sessionKeyUri: any

  Returns Promise<boolean>

claimKeyId

• claimKeyId(params): Promise<ClaimKeyResponse>

• Authenticates an Auth Method for claiming a Programmable Key Pair (PKP). A MintCallback can be defined for custom on chain interactions by default the callback will forward to a relay server for minting on chain.

  Parameters

  • params: ClaimRequest<ClaimProcessor>

    an Auth Method and MintCallback

  Returns Promise<ClaimKeyResponse>

combineSharesAndGetJWT

• combineSharesAndGetJWT(signatureShares, requestId?): Promise<string>

• Combine Shares from network public key set and signature shares

  Parameters

  • signatureShares: NodeBlsSigningShare[]
  • requestId: string = ''

  Returns Promise<string>

  final JWT (convert the sig to base64 and append to the jwt)

createCapacityDelegationAuthSig

• createCapacityDelegationAuthSig(params): Promise<CapacityCreditsRes>

• Parameters

  • params: CapacityCreditsReq

  Returns Promise<CapacityCreditsRes>

decrypt

• decrypt(params): Promise<DecryptResponse>

• Decrypt ciphertext with the LIT network.

  Parameters

  • params: DecryptRequest

  Returns Promise<DecryptResponse>

encrypt

• encrypt(params): Promise<EncryptResponse>

• Encrypt data using the LIT network public key.

  Parameters

  • params: EncryptSdkParams

  Returns Promise<EncryptResponse>

  The encrypted ciphertext and the hash of the data

  Throws

  if the LIT node client is not ready

  Throws

  if the subnetPubKey is null

executeJs

• executeJs(params): Promise<ExecuteJsResponse>

• Execute JS on the nodes and combine and return any resulting signatures

  Parameters

  • params: JsonExecutionSdkParams

  Returns Promise<ExecuteJsResponse>

generatePromise

• generatePromise(url, params, requestId): Promise<NodeCommandResponse>

• Generates a promise by sending a command to the Lit node

  Parameters

  • url: string

    The URL to send the command to.
  • params: any

    The parameters to include in the command.
  • requestId: string

    The ID of the request.

  Returns Promise<NodeCommandResponse>

  A promise that resolves with the response from the server.

generateSessionCapabilityObjectWithWildcards

• generateSessionCapabilityObjectWithWildcards(litResources): Promise<ISessionCapabilityObject>

• Generates a session capability object

  Parameters

  • litResources: ILitResource[]

    An array of ILitResource to be processed.

  Returns Promise<ISessionCapabilityObject>

  A Promise resolving to an ISessionCapabilityObject.

getExpiration

• getExpiration(): string

• Returns string

getIpfsId

• getIpfsId(__namedParameters): Promise<any>

• Parameters

  • __namedParameters: {
        dataToHash: string;
        debug?: boolean;
        sessionSigs: SessionSigsMap;
    }

    • dataToHash: string

    • Optionaldebug?: boolean

    • sessionSigs: SessionSigsMap

  Returns Promise<any>

getJWTParams

• getJWTParams(): {
      exp: number;
      iat: number;
  }

• we need to send jwt params iat (issued at) and exp (expiration) because the nodes may have different wall clock times, the nodes will verify that these params are withing a grace period

  Returns {
      exp: number;
      iat: number;
  }

  • exp: number

  • iat: number

getLitActionSessionSigs

• getLitActionSessionSigs(params): Promise<SessionSigsMap>

• Retrieves session signatures specifically for Lit Actions. Unlike getPkpSessionSigs, this function requires either litActionCode or litActionIpfsId, and jsParams must be provided.

  Parameters

  • params: GetLitActionSessionSigs

    The parameters required for retrieving the session signatures.

  Returns Promise<SessionSigsMap>

  A promise that resolves with the session signatures.

getLitResourceForEncryption

• getLitResourceForEncryption(params): Promise<LitAccessControlConditionResource>

• Parameters

  • params: EncryptRequest

  Returns Promise<LitAccessControlConditionResource>

getPkpSessionSigs

• getPkpSessionSigs(params): Promise<SessionSigsMap>

• Retrieves the PKP sessionSigs.

  Parameters

  • params: GetPkpSessionSigs

    The parameters for retrieving the PKP sessionSigs.

  Returns Promise<SessionSigsMap>

  A promise that resolves to the PKP sessionSigs.

  Throws

  An error if any of the required parameters are missing or if litActionCode and ipfsId exist at the same time.

getSessionKey

• getSessionKey(): SessionKeyPair

• Try to get the session key in the local storage, if not, generates one.

  Returns SessionKeyPair

  session key pair

getSessionKeyUri

• getSessionKeyUri(publicKey): string

• Get Session Key URI eg. lit:session:0x1234

  Parameters

  • publicKey: string

    is the public key of the session key

  Returns string

  the session key uri

getSessionSigs

• getSessionSigs(params): Promise<SessionSigsMap>

• Retrieves or generates sessionSigs (think access token) for accessing Lit Network resources.

  How this function works on a high level:

  1. Generate or retrieve session keys (a public and private key pair)
  2. Generate or retrieve the AuthSig that specifies the session abilities
  3. Sign the specific resources with the session key

  The process follows these steps:

  1. Retrieves or generates a session key pair (Ed25519) for the user's device. The session key is either fetched from local storage or newly created if not found. The key does not expire.
  2. Generates an authentication signature (authSig) by signing an ERC-5573 “Sign-in with Ethereum” message, which includes resource ability requests, capabilities, expiration, the user's device session public key, and a nonce. The authSig is retrieved from local storage, and if it has expired, the user will be prompted to re-sign.
  3. Uses the session private key to sign the session public key along with the resource ability requests, capabilities, issuedAt, and expiration details. This creates a device-generated signature.
  4. Constructs the session signatures (sessionSigs) by including the device-generated signature and the original message. The sessionSigs provide access to Lit Network features such as executeJs and pkpSign.

  See Sequence Diagram: https://www.plantuml.com/plantuml/uml/VPH1RnCn48Nl_XLFlT1Av00eGkm15QKLWY8K9K9SO-rEar4sjcLFalBl6NjJAuaMRl5utfjlPjQvJsAZx7UziQtuY5-9eWaQufQ3TOAR77cJy407Rka6zlNdHTRouUbIzSEtjiTIBUswg5v_NwMnuAVlA9KKFPN3I0x9qSSj7bqNF3iPykl9c4o9oUSJMuElv2XQ8IHAYRt3bluWM8wuVUpUJwVlFjsP8JUh5B_1DyV2AYdD6DjhLsTQTaYd3W3ad28SGWqM997fG5ZrB9DJqOaALuRwH1TMpik8tIYze-E8OrPKU5I6cMqtem2kCqOhr4vdaRAvtSjcoMkTo68scKu_Vi1EPMfrP_xVtj7sFMaHNg-6GVqk0MW0z18uKdVULTvDWtdqko28b7KktvUB2hKOBd1asU2QgDfTzrj7T4bLPdv6TR0zLwPQKkkZpIRTY4CTMbrBpg_VKuXyi49beUAHqIlirOUrL2zq9JPPdpRR5OMLVQGoGlLcjyRyQNv6MHz4W_fG42W--xWhUfNyOxiLL1USS6lRLeyAkYLNjrkVJuClm_qp5I8Lq0krUw7lwIt2DgY9oiozrjA_Yhy0

  Note: When generating session signatures for different PKPs or auth methods, be sure to call disconnectWeb3 to clear auth signatures stored in local storage

  Parameters

  • params: GetSessionSigsProps

    An example of how this function is used can be found in the Lit developer-guides-code repository here.

  Returns Promise<SessionSigsMap>

getSignSessionKeyShares

• getSignSessionKeyShares(url, params, requestId): Promise<any>

• Parameters

  • url: string
  • params: GetSignSessionKeySharesProp
  • requestId: string

  Returns Promise<any>

getWalletSig

• getWalletSig(__namedParameters): Promise<AuthSig>

• Get the signature from local storage, if not, generates one

  Parameters

  • __namedParameters: GetWalletSigProps

  Returns Promise<AuthSig>

isSessionKeyPair

• isSessionKeyPair(obj): obj is SessionKeyPair

• Check if a given object is of type SessionKeyPair.

  Parameters

  • obj: any

    The object to check.

  Returns obj is SessionKeyPair

  True if the object is of type SessionKeyPair.

pkpSign

• pkpSign(params): Promise<SigResponse>

• Use PKP to sign

  Parameters

  • params: JsonPkpSignSdkParams

  Returns Promise<SigResponse>

runOnTargetedNodes

• runOnTargetedNodes(params): Promise<RejectedNodePromises | SuccessNodePromises<NodeCommandResponse>>

• Run lit action on a single deterministicly selected node. It's important that the nodes use the same deterministic selection algorithm.

  Lit Action: dataToHash -> IPFS CID QmUjX8MW6StQ7NKNdaS6g4RMkvN5hcgtKmEi8Mca6oX4t3

  Parameters

  • params: JsonExecutionSdkParamsTargetNode

  Returns Promise<RejectedNodePromises | SuccessNodePromises<NodeCommandResponse>>

signSessionKey

• signSessionKey(params): Promise<SignSessionKeyResponse>

• Sign a session public key using a PKP, which generates an authSig.

  Parameters

  • params: SignSessionKeyProp

  Returns Promise<SignSessionKeyResponse>

  An object containing the resulting signature.

StaticgenerateSessionCapabilityObjectWithWildcards

• generateSessionCapabilityObjectWithWildcards(litResources, addAllCapabilities?): Promise<ISessionCapabilityObject>

• Generates wildcard capability for each of the LIT resources specified.

  Parameters

  • litResources: ILitResource[]

    is an array of LIT resources
  • OptionaladdAllCapabilities: boolean

    is a boolean that specifies whether to add all capabilities for each resource

  Returns Promise<ISessionCapabilityObject>

StaticgetExpiration

• getExpiration(): string

• Get expiration for session default time is 1 day / 24 hours

  Returns string