@0xsequence/ethauth 中文文档教程

发布于 3年前 浏览 29 项目主页 更新于 3年前

 ____ ____ ____ ____ ____ ____ ____
||e |||t |||h |||a |||u |||t |||h ||
||__|||__|||__|||__|||__|||__|||__||
|/__\|/__\|/__\|/__\|/__\|/__\|/__\|

Usage

yarn add @0xsequence/ethauthnpm install @0xsequence/ethauth

Format

proof = eth.

...< ;extra>

Address

十六进制编码的账户地址,即。 '0x9e63b5BF4b31A7F8d5D8b4f54CD361344Eb744C5'。

注意,你不应该把 ethauth 证明中的账户地址当作面值——你必须解析证明 并使用提供的库方法对其进行验证。 用于验证时包含该地址 基于智能钱包的账户(也称为基于合约的账户)。

Claims

的 base64 编码 JSON 对象

interface Claims {
  app: string
  exp: number
  iat?: number
  n?: number
  typ?: string
  ogn?: string
}

字段

  • app (required) - App identifier requesting the issuance of the ethauth proof
  • exp (required) - Expired at unix timestamp of when the ethauth proof is valid until
  • iat (optonal) - Issued at unix timestamp of when the ethauth proof has been signed/issued
  • n (optional) - Nonce value which can be used as a challenge number for added security
  • typ (optional) - Type of authorization for this ethauth proof
  • ogn (optional) - Domain origin requesting the issuance of the ethauth proof

Signature

:声明消息有效负载的签名值。 签名由 EIP712 计算 声明对象的 eth_signTypedData 调用。 签名可以通过 ECRecover 恢复到 确定 EOA 地址,或者您可能有不同的编码,例如与 EIP-1271 一起使用的编码, 验证基于合约的帐户签名。

Example ETHAuth encoding / decoding

EOA account signature

ethauth-proof = eth.0x89d9f8f31817badb5d718cd6fb483b71dbd2dfed.eyJhcHAiOiJFV1RUZXN0IiwiaWF0IjoxNTk1NTMwODQwLCJleHAiOjE1OTU1MzExNDB9.0x233ab9164a677a41acc8d52c9e1d1a621acebf9bc8d956c8474618b589acebe10cc350deb4b02bf6951cec8bd23507170f204ca326a5a264b8f6f67fa2619c251c decodes

& verifies to:

  • account address: 0x89D9F8f31817BAdb5D718CD6fb483b71DbD2dfeD
  • claims: {"app":"EWTTest","iat":1595530840,"exp":1595531140}
  • signature: 0x233ab9164a677a41acc8d52c9e1d1a621acebf9bc8d956c8474618b589acebe10cc350deb4b02bf6951cec8bd23507170f204ca326a5a264b8f6f67fa2619c251c

Contract-based account signature (verifiable with EIP 1271)

ethauth-proof = eth.0x9e63b5bf4b31a7f8d5d8b4f54cd361344eb744c5.eyJpYXQiOjE1OTQ3NDM4NDgsImV4cCI6MTYyNjI3OTg0OCwibiI6MTMzN30.0x000100012dd090aec5e4a9678f7968533c10fc42b07b9a23fa3b719f79a861adcfc7e1d958e3521bb061c34072f5435681390ccc9be19bf9da32320bd2356d0b4b4d316b1c02 decodes

& 验证到:

  • account address: 0x9e63b5bf4b31a7f8d5d8b4f54cd361344eb744c5
  • message: {"iat":1594743848,"exp":1626279848,"n":1337}
  • signature: 0x000100012dd090aec5e4a9678f7968533c10fc42b07b9a23fa3b719f79a861adcfc7e1d958e3521bb061c34072f5435681390ccc9be19bf9da32320bd2356d0b4b4d316b1c02

LICENSE

麻省理工学院

 ____ ____ ____ ____ ____ ____ ____
||e |||t |||h |||a |||u |||t |||h ||
||__|||__|||__|||__|||__|||__|||__||
|/__\|/__\|/__\|/__\|/__\|/__\|/__\|

Usage

yarn add @0xsequence/ethauth or npm install @0xsequence/ethauth

Format

proof = eth.<address>.<claims>.<signature>.<extra>

Address

The account address in hex encoding, ie. '0x9e63b5BF4b31A7F8d5D8b4f54CD361344Eb744C5'.

Note, you should not take the account address in the ethauth proof at face value -- you must parse the Proof and validate it with the library methods provided. The address is included when used to verify smart wallet based accounts (aka contract-based accounts).

Claims

a base64 encoded JSON object of

interface Claims {
  app: string
  exp: number
  iat?: number
  n?: number
  typ?: string
  ogn?: string
}

Fields:

  • app (required) - App identifier requesting the issuance of the ethauth proof
  • exp (required) - Expired at unix timestamp of when the ethauth proof is valid until
  • iat (optonal) - Issued at unix timestamp of when the ethauth proof has been signed/issued
  • n (optional) - Nonce value which can be used as a challenge number for added security
  • typ (optional) - Type of authorization for this ethauth proof
  • ogn (optional) - Domain origin requesting the issuance of the ethauth proof

Signature

Signature value of the claims message payload. The signature is computed by the EIP712 eth_signTypedData call of the claims object. The signature may be recoverable with ECRecover to determine the EOA address, or you may have a different encoding such as one used with EIP-1271, to validate the contract-based account signature.

Example ETHAuth encoding / decoding

EOA account signature

ethauth-proof = eth.0x89d9f8f31817badb5d718cd6fb483b71dbd2dfed.eyJhcHAiOiJFV1RUZXN0IiwiaWF0IjoxNTk1NTMwODQwLCJleHAiOjE1OTU1MzExNDB9.0x233ab9164a677a41acc8d52c9e1d1a621acebf9bc8d956c8474618b589acebe10cc350deb4b02bf6951cec8bd23507170f204ca326a5a264b8f6f67fa2619c251c

decodes & verifies to:

  • account address: 0x89D9F8f31817BAdb5D718CD6fb483b71DbD2dfeD
  • claims: {"app":"EWTTest","iat":1595530840,"exp":1595531140}
  • signature: 0x233ab9164a677a41acc8d52c9e1d1a621acebf9bc8d956c8474618b589acebe10cc350deb4b02bf6951cec8bd23507170f204ca326a5a264b8f6f67fa2619c251c

Contract-based account signature (verifiable with EIP 1271)

ethauth-proof = eth.0x9e63b5bf4b31a7f8d5d8b4f54cd361344eb744c5.eyJpYXQiOjE1OTQ3NDM4NDgsImV4cCI6MTYyNjI3OTg0OCwibiI6MTMzN30.0x000100012dd090aec5e4a9678f7968533c10fc42b07b9a23fa3b719f79a861adcfc7e1d958e3521bb061c34072f5435681390ccc9be19bf9da32320bd2356d0b4b4d316b1c02

decodes & verifies to:

  • account address: 0x9e63b5bf4b31a7f8d5d8b4f54cd361344eb744c5
  • message: {"iat":1594743848,"exp":1626279848,"n":1337}
  • signature: 0x000100012dd090aec5e4a9678f7968533c10fc42b07b9a23fa3b719f79a861adcfc7e1d958e3521bb061c34072f5435681390ccc9be19bf9da32320bd2356d0b4b4d316b1c02

LICENSE

MIT

    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文