Duo SDK

Admin

Authentication middleware

The Admin acts as the authentication module. Once the user authenticates with the Admin, the latter authorises the user to perform key generation and sign operations with the server Node.

This authorisation is done by issuing a userToken to the user. The userToken is a Json Web Token (JWT) generated using ADMIN_KEY as the key. The ADMIN_KEY is a shared secret between the Sigpair Admin and the Sigpair Node. The ADMIN_KEY for the node is configured when the node is deployed.

The ADMIN_KEY must be randomly generated! It must be 32 bytes in length. Secure management of the ADMIN_KEY is the responsibility of the company. Please use a cryptographically secure random number generator.

Security of the ADMIN KEY

The ADMIN_KEY must be stored securely. Compromise of the token can lead to loss of the server share. Compromise of the token does not lead to compromise of the user secret shard wallet.

Admin SDK

We provide SDKs to perform admin actions.

Initialise Admin class

import { SigpairAdmin } from "sigpair-admin-v2";

// Example admin token.
// DO NOT hardcode in production code!
const adminToken =
    "1ec3804afc23258f767b9d38825dc7ab0a2ea44ef4adf3254e4d7c6059c3b55a";
    
// Base url of the server node
const baseUrl = "http://localhost:8080";
const admin = new SigpairAdmin(adminToken, baseUrl);

After authentication is complete, the Admin can use the SDK to create a new user. 

// Create a new user with the sigpair node
// userId is a number. Unique for each new user. 
const userId = await admin.createUser("user-name");

Issue user token

User Token

This is the token issued to the a user, which they can use to authenticate themselves with the Server Node for MPC operations:

export type UserToken = {
  user_id: number;
  iat: number;
  exp: number;
  // Hex string
  public_key: string;
};

  • user_id : User Id of the user. Generated when creating a user.

  • iat: Issued at timestamp as per JWT standard. Unix timestamp.

  • exp: Expiry timestamp as per JWT standard. Unix timestamp.

  • public_key : Signing public key of the user. (ED25519 public key). This is key is not an MPC key. It's a normal ED25519 signing public key. The Sigpair Node will only accept messages signed by this public key.

public_keyis the signing public key of the client. The client has a signing key-pair which it uses to sign all messages which is verified by the Node. This is done to verify the source of each message passed between the parties. That key is different from the MPC wallet key/public key.

The signing key-pair is a ED25519 signing key-pair. So the public key is a ED25519 public key which is 32 bytes in length. (64 hex chars)

The Admin can issue a User Token that can be used by the client to authenticate with the server Node. This action requires no interaction with the server Node. It's just generation of a JWT by the Admin using the ADMIN_KEY

// Using the @noble/ed25519 library
import * as ed from "@noble/ed25519";
import { SigpairAdmin } from "sigpair-admin-v2";

// Example admin token.
// DO NOT hardcode in production code!
const adminToken =
    "1ec3804afc23258f767b9d38825dc7ab0a2ea44ef4adf3254e4d7c6059c3b55a";
    
// Base url of the sigpair node
const baseUrl = "http://localhost:8080";
const admin = new SigpairAdmin(adminToken, baseUrl);

// Create a new user with the sigpair node
// userId is a number. Unique for each new user. 
const userId = await admin.createUser("user-name");

// Generate a new signing key pair for the user
// In a real application, the user keys should be generated on the client side by
// the user, and the public key must be passed to the admin.
const sk = ed.utils.randomPrivateKey();

// Get the public key from the private key
const pk = await ed.getPublicKeyAsync(sk);

// Generate a new userToken using 
const token = admin.genUserToken(userId, ed.etc.bytesToHex(pk));

Delete Key

Key deletion is a dangerous operation.

Some recommendations:

  • Admin must verify the delete request using 2fa or request re-authentication.

  • Admin must notify the user of this request before deleting.

  • Admin optionally can wait for a period before deleting the key.

Last updated