secretd-js
Javascript Client SDK for Authcore Vault and Secretd
Overview
secretd-js allows you to generate, store and use cryptographic keys in Secretd.
You can use this library to manage cryptographic secrets from web browsers through Authcore Vault's web service API. This library establishes an end-to-end secure channel from web browsers to a Secretd instance, protecting the secrets from any intermediary services, including Authcore itself.
The library also exposes a high-level API for managing private wallet keys for blockchain networks. It supports all digital assets based on Ethereum and Cosmos Network.
It also supports making calls to Secretd instances from a server (i.e. in NodeJS).
Installation
secretd-js can be installed as an npm package using npm or yarn.
Installing with npm
npm install --save https://gitlab.com/blocksq/secretd-js.git
Or, with yarn
yarn add https://gitlab.com/blocksq/secretd-js.git
React Native
This library and its dependencies require several Node core modules like buffer and crypto that are not included in the React Native stack.
You need to install compatible implementations of these modules and expose them to your app.
yarn add buffer util readable-stream vm-browserify process react-native-crypto react-native-randombytes
Modify the metro.config file in the root directory of your React Native project and set resolver.extraNodeModules:
module.exports = (async () => {
  return {
    // ...
    resolver: {
      // ...
      extraNodeModules: {
        buffer: require.resolve('buffer'),
        crypto: require.resolve('react-native-crypto'),
        process: require.resolve('process/browser'),
        stream: require.resolve('readable-stream'),
        util: require.resolve('util/util'),
        vm: require.resolve('vm-browserify')
      }
    }
  }
})()
Node has certain globals that modules may expect, such as Buffer or process. React Native does not provide these globals. You can add them to the React Native global environment.
Add a global.js:
global.Buffer = require('buffer').Buffer
global.process = require('process')
Require global.js in your app before anything else (e.g. in index.js):
import "./global"
// ...
import "./app/app.tsx"
Usage
var { AuthcoreVaultClient } = require('secretd-js')
var client = new AuthcoreVaultClient({
  apiBaseURL: 'https://example.authcore.io/',
  accessToken: 'an access token or service account token',
  staticKey: 'a secretd secret key' // Optional, used by a server to invoke privileged APIs
})
Secretd UID
Secretd has its own UID scheme, separate from Authcore's. Some Authcore Vault methods refer to Secretd users by UID. You can obtain the UID for an Authcore user id using this method.
var uid = await client.authcoreLookupOrCreateUser(userId)
Note that this method requires higher privileges. You will need to authenticate with a staticKey.
Cosmos Integration
var { AuthcoreCosmosProvider } = require('secretd-js')
var cosmosProvider = new AuthcoreCosmosProvider({
  client, // an AuthcoreVaultClient instance
  oid: 'hdwallet oid', // OID of a hdwallet object. Defaults to %%USER%%/hdwallet_default
  path: 'hdwallet derive path', // derive path for the default address. Defaults to m/44'/118'/0'/0/0
})
Getting addresses and public keys. These methods will generate a new hdwallet object at the specified oid if one has not been generated yet. Note that they return an array of addresses and an array of public keys.
var addresses = await cosmosProvider.getAddresses()
var publicKeys = await cosmosProvider.getPublicKeys()
Signing a transaction
var data = {
  'account_number': '0',
  'chain_id': '0',
  'fee': {
    // ...
  },
  'memo': '',
  'msgs': [
    // ...
  ],
  'sequence': '0'
}
var sigData = await cosmosProvider.sign(data)
Creating objects on behalf of another user
Secretd supports a special user namespace user/**uid**/. Secretd users with the SYSTEM_CREATE_OBJECT capability can create new objects under these namespaces, and the user referred to by uid automatically gains access to objects in their own user namespace.
Hence, a privileged user can create objects on behalf of another user.
var oid = `user/${uid}/hdwallet_default`
var cosmosProvider = new AuthcoreCosmosProvider({ client, oid })
var addresses = await cosmosProvider.getAddresses() // This method initializes a new wallet
See examples for a demonstration.
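The steps from the Secretd UID section and this section, put together as a server-side helper that keeps the staticKey in one place and checks the UID before it is interpolated into an OID. This is an added example, not code from the secretd-js project: provisionUserWallet, userNamespaceOid, the config field names and the UID character set in UID_PATTERN are assumptions, and the SDK is passed in as sdk (the result of require('secretd-js')).

```javascript
// Assumption: UIDs and object names are opaque tokens made of letters, digits,
// '_' and '-'. Adjust the pattern to the format your Secretd instance returns.
const UID_PATTERN = /^[A-Za-z0-9_-]+$/

// Build an OID inside the user/<uid>/ namespace. Anything containing a path
// separator, whitespace or other unexpected characters is rejected, so a
// malformed value cannot make the OID point outside the intended namespace.
function userNamespaceOid (uid, name = 'hdwallet_default') {
  if (typeof uid !== 'string' || !UID_PATTERN.test(uid)) {
    throw new Error('refusing to build OID from unexpected UID value')
  }
  if (typeof name !== 'string' || !UID_PATTERN.test(name)) {
    throw new Error('refusing to build OID from unexpected object name')
  }
  return `user/${uid}/${name}`
}

// Server-side only: config.staticKey grants privileged API access and must
// never be bundled into browser or React Native code.
async function provisionUserWallet (sdk, config, userId) {
  const { AuthcoreVaultClient, AuthcoreCosmosProvider } = sdk
  if (!config.staticKey) {
    throw new Error('staticKey is required to look up or create a Secretd user')
  }
  const client = new AuthcoreVaultClient({
    apiBaseURL: config.apiBaseURL,
    accessToken: config.accessToken,
    staticKey: config.staticKey
  })

  // 1. Map the Authcore user id to a Secretd UID (privileged call).
  const uid = String(await client.authcoreLookupOrCreateUser(userId))

  // 2. Address the wallet object inside that user's namespace.
  const oid = userNamespaceOid(uid)

  // 3. getAddresses() generates the hdwallet at oid if it does not exist yet.
  const provider = new AuthcoreCosmosProvider({ client, oid })
  const addresses = await provider.getAddresses()

  // Return only non-secret values; the staticKey stays inside this function.
  return { uid, oid, addresses }
}
```

On a server, call it as provisionUserWallet(require('secretd-js'), config, userId), with config.staticKey loaded from the process environment or a secret store rather than from source code.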