Optional
capabilityNot limited to capacityDelegationAuthSig. Other AuthSigs with other purposes can also be in this array.
Optional
capacityOptional
chainThe chain to use for the session signature and sign the session key. This value is almost always ethereum
. If you're using EVM, this parameter isn't very important.
Optional
expirationWhen this session signature will expire. After this time is up you will need to reauthenticate, generating a new session signature. The default time until expiration is 24 hours. The formatting is an RFC3339 timestamp.
Optional
jsAn object that contains params to expose to the Lit Action. These will be injected to the JS runtime before your code runs, so you can use any of these as normal variables in your Lit Action.
Optional
litThe litActionCode is the JavaScript code that will run on the nodes. You will need to convert the string content to base64.
Optional
litYou can obtain the Lit Action IPFS CID by converting your JavaScript code using this tool: https://explorer.litprotocol.com/create-action
Note: You do not need to pin your code to IPFS necessarily. You can convert a code string to an IPFS hash using the "ipfs-hash-only" or 'ipfs-unixfs-importer' library.
async function stringToIpfsHash(input: string): Promise<string> {
// Convert the input string to a Buffer
const content = Buffer.from(input);
// Import the content to create an IPFS file
const files = importer([{ content }], {} as any, { onlyHash: true });
// Get the first (and only) file result
const result = (await files.next()).value;
const ipfsHash = (result as any).cid.toString();
if (!ipfsHash.startsWith('Qm')) {
throw new Error('Generated hash does not start with Qm');
}
return ipfsHash;
}
Optional
pkpSession signature properties shared across all functions that generate session signatures.
An array of resource abilities that you want to request for this session. These will be signed with the session key.
For example, an ability is added to grant a session permission to decrypt content associated with a particular Access Control Conditions (ACC) hash. When trying to decrypt, this ability is checked in the resourceAbilityRequests
to verify if the session has the required decryption capability.
Optional
sessionThe session capability object that you want to request for this session.
It is likely you will not need this, as the object will be automatically derived from the resourceAbilityRequests
.
If you pass nothing, then this will default to a wildcard for each type of resource you're accessing.
The wildcard means that the session will be granted the ability to to perform operations with any access control condition.
Optional
sessionThe serialized session key pair to sign. If not provided, a session key pair will be fetched from localStorage or generated.
Optional
switchIf you want to ask MetaMask to try and switch the user's chain, you may pass true here. This will only work if the user is using MetaMask, otherwise this will be ignored.
This is a callback that will be used to generate an AuthSig within the session signatures. It's inclusion is required, as it defines the specific resources and abilities that will be allowed for the current session.