📖
Silent Network :: MPC-TSS AVS
  • Start here
    • Introduction
    • Why Silent Network?
      • TSS
      • The cryptography
      • Benchmarks
    • The network functionality
      • A session key experience with Account Abstraction and Silent Network
  • For DEVS
    • Using the Silent Network
    • Wallet Provider SDK
      • QuickStart
      • Distributed Key Generation
        • Scope of Permissions
      • Distributed Signature Generation
      • Docs
    • Wallet Provider Service SDK
      • QuickStart
      • Cargo config
      • Environment
      • Cargo Docs
        • Wallet Provider Service SDK
        • Wallet Provider Service
    • Passkey authentication
    • Batched keygen
  • For Operators: Run an MPC node in the Silent Network
    • Register to the AVS
      • Holesky testnet
      • Ethereum Mainnet
    • Launch the service on Google Cloud
    • Launch the service on Bare Metal
Powered by GitBook
On this page
  • About the session keys
  • Keygen
  1. For DEVS
  2. Wallet Provider SDK

Distributed Key Generation

PreviousQuickStartNextScope of Permissions

Last updated 10 months ago

About the session keys

Users authenticate using an EOA wallet during key generation and register an ephemeral signing key pair and associates it with their identity.

The frontend can now use the ephemeral signing key pair to authorize signing requests for duration of the session without the need for repeated user interaction, providing a seamless and secure authentication mechanism.

We use to authenticate the user during keygen. The EOAAuth object is created with the user's wallet address, ephemeral public key, and lifetime of the key in seconds.

We then use to authenticate the user during signing. The EphAuth object is created with the user's wallet address and ephemeral keypair.

Keygen

The full working example is in the . The core object to use is the .

It allows the generation of keys and signatures. To create, you need two other components. The connects to the Backend part of the SDK, and the authentication module. Currently, we provide EOA authentication via .

Let's create the NetworkSigner

// Generate ephemeral secret key esk
const sk = ed.utils.randomPrivateKey();
ephSK = sk;
// Derive public part epk from esk
ephPK = await ed.getPublicKeyAsync(sk);
  
// Create a client that connects to the backend service  
const wpClient = await createWalletProviderService(clusterConfig);

// Create EOA authenticator, signature will include epk
const eoaAuth = new EOAAuth(
  accountsFromBrowserWallet[0],
  new BrowserWallet(),
  ephPK,
  // Lifetime of one hour
  60 * 60,
);

// Create a new signer instance
const sdk = new NetworkSigner(wpClient, threshold, partiesNumber, eoaAuth);
const permissions = {
    permissions: [
        {
            type: 'erc20',
            method: 'approve',
            to: '0x1234567890123456789012345678901234567890',
            args: {
                spender: '0x1234567890123456789012345678901234567890',
                value: 10000,
                eq: '<'
            }
        },
    ]
}

// Generate a new key
let resp: KeygenResponse = await sdk.authenticateAndCreateKey(JSON.stringify(permissions));

The esk key can be later used by the frontend in subsequent signgen requests as the authentication method

Now you can generate a key, using the method. The method accepts optional permissions. No permissions means allow all operations.

More details about Permissions in the .

Calling this method will cause to the Browser Wallet window to pop up, requesting the User to sign the request. After execution, is returned.

The contains keyId and publicKey. The publicKey is the public part of the key generated by Silent Network. Use the keyId in subsequent calls to sign.

EOAAuth
EphAuth
demo
NetworkSigner
WalletProviderServiceClient
EOAAuth
authenticateAndCreateKey
Scope of Permissions
KeygenResponse
KeygenResponse