Module rings_core::session

source ·
Expand description

Understanding Abstract Account and Session keypair in Rings Network

The Rings network offers a unique mechanism to bolster security and abstract the user’s keypair through a feature known as session keypair.

The fundamental concept behind keypair session involves creating an association between a user’s keypair and a randomly generated keypair. In our terminology:

The user’s original keypair (private key, public key) is referred to as the “account” (sk, pk). The randomly generated keypair by the Rings network is known as the “session” (sk, pk).

  • Here’s how the process works:

  1. A random delegate private key (sk) is generated, along with its corresponding public key (pk).

  2. A session is formed based on the session’s public key and the account’s public key. This can be conceptualized as a contract stating, “I delegate to {pk} for the time period {ts, ttl}”.

  3. The account must sign the session, now termed “Session”, using its private key.

  4. When sending and receiving messages, the Rings network will handle message signing and verification using the session’s keypair (sk, pk).

SessionSkBuilder, SessionSk was exported to wasm envirement, so in browser/wasm envirement it can be done with nodejs code:

   // prepare auth & send to metamask for sign
   let sessionBuilder = SessionSkBuilder.new(account, 'eip191')
   let unsignedSession = sessionBuilder.unsigned_proof()
   const { signed } = await sendMessage(
     'sign-message',
     {
       auth: unsignedSession,
     },
     'popup'
   )
   const signature = new Uint8Array(hexToBytes(signed))
   sessionBuilder = sessionBuilder.set_session_sig(signature)
   let sessionSk: SessionSk = sessionBuilder.build()

See SessionSk and SessionSkBuilder for details.

Structs

  • Session
    Session is used to verify the message. It’s serializable and can be attached to the message payload.
  • SessionSk
    SessionSk holds the Session and its session private key. To prove that the message was sent by the Account of Session, we need to attach session and the signature signed by sk to the payload.
  • SessionSkBuilder
    SessionSkBuilder is used to build a SessionSk.

Enums

  • Account
    We will support as many protocols/algorithms as possible. Currently, it comprises Secp256k1, EIP191, BIP137, and Ed25519. We welcome any issues and PRs for additional implementations.