OptionalcapabilityNot limited to capacityDelegationAuthSig. Other AuthSigs with other purposes can also be in this array.
OptionalcapacityOptionalchainThe chain to use for the session signature and sign the session key. This value is almost always ethereum. If you're using EVM, this parameter isn't very important.
OptionalexpirationWhen this session signature will expire. After this time is up you will need to reauthenticate, generating a new session signature. The default time until expiration is 24 hours. The formatting is an RFC3339 timestamp.
OptionaljsAn object that contains params to expose to the Lit Action. These will be injected to the JS runtime before your code runs, so you can use any of these as normal variables in your Lit Action.
OptionallitThe litActionCode is the JavaScript code that will run on the nodes. You will need to convert the string content to base64.
OptionallitYou can obtain the Lit Action IPFS CID by converting your JavaScript code using this tool: https://explorer.litprotocol.com/create-action
Note: You do not need to pin your code to IPFS necessarily. You can convert a code string to an IPFS hash using the "ipfs-hash-only" or 'ipfs-unixfs-importer' library.
async function stringToIpfsHash(input: string): Promise<string> {
// Convert the input string to a Buffer
const content = Buffer.from(input);
// Import the content to create an IPFS file
const files = importer([{ content }], {} as any, { onlyHash: true });
// Get the first (and only) file result
const result = (await files.next()).value;
const ipfsHash = (result as any).cid.toString();
if (!ipfsHash.startsWith('Qm')) {
throw new Error('Generated hash does not start with Qm');
}
return ipfsHash;
}
OptionalpkpSession signature properties shared across all functions that generate session signatures.
An array of resource abilities that you want to request for this session. These will be signed with the session key.
For example, an ability is added to grant a session permission to decrypt content associated with a particular Access Control Conditions (ACC) hash. When trying to decrypt, this ability is checked in the resourceAbilityRequests to verify if the session has the required decryption capability.
OptionalsessionThe session capability object that you want to request for this session.
It is likely you will not need this, as the object will be automatically derived from the resourceAbilityRequests.
If you pass nothing, then this will default to a wildcard for each type of resource you're accessing.
The wildcard means that the session will be granted the ability to to perform operations with any access control condition.
OptionalsessionThe serialized session key pair to sign. If not provided, a session key pair will be fetched from localStorage or generated.
OptionalswitchIf you want to ask MetaMask to try and switch the user's chain, you may pass true here. This will only work if the user is using MetaMask, otherwise this will be ignored.
This is a callback that will be used to generate an AuthSig within the session signatures. It's inclusion is required, as it defines the specific resources and abilities that will be allowed for the current session.