@nwingt/secretd

0.4.0-alpha.0 • Public • Published

secretd-js

JavaScript Client SDK for Authcore Vault and Secretd

Overview

secretd-js allows you to generate, store and use cryptographic keys in Secretd.

You can use this library to manage cryptographic secrets from web browsers through Authcore Vault's web service API. The library establishes an end-to-end secure channel from the web browser to a Secretd instance, protecting the secrets from any intermediary services, including Authcore itself.

The library also exposes a high-level API for managing private wallet keys for blockchain networks. It supports all digital assets based on Ethereum and Cosmos Network.

It also supports making calls to Secretd instances from a server (i.e. in Node.js).

Installation

secretd-js can be installed as an npm package using npm or yarn.

Installing with npm

npm install --save https://gitlab.com/blocksq/secretd-js.git

Or, with yarn

yarn add https://gitlab.com/blocksq/secretd-js.git

React Native

This library and its dependencies require several Node core modules, such as buffer and crypto, that are not included in the React Native stack.

You need to install compatible implementations of these modules and expose them to your app.

yarn add buffer util readable-stream vm-browserify process react-native-crypto react-native-randombytes

Modify the metro.config file in the root directory of your React Native project and set resolver.extraNodeModules:

module.exports = (async () => {
  return {
    // ...
    resolver: {
      // ...
      extraNodeModules: {
        buffer: require.resolve('buffer'),
        crypto: require.resolve('react-native-crypto'),
        process: require.resolve('process/browser'),
        stream: require.resolve('readable-stream'),
        util: require.resolve('util/util'),
        vm: require.resolve('vm-browserify')
      }
    }
  }
})()

Node has certain globals that modules may expect, such as Buffer or process. React Native does not provide these globals, but you can add them to the React Native global environment.

Add a global.js:

global.Buffer = require('buffer').Buffer
global.process = require('process')

Require global.js in your app before anything else (e.g. in index.js):

import "./global"
// ...
import "./app/app.tsx"

Usage

var { AuthcoreVaultClient } = require('secretd-js')

var client = new AuthcoreVaultClient({
    apiBaseURL: 'https://example.authcore.io/',
    accessToken: 'an access token or service account token',
    staticKey: 'a secretd secret key' // Optional, used by a server to invoke privileged APIs
})

Secretd UID

Secretd has its own UID scheme, separate from Authcore's. Some Authcore Vault methods refer to Secretd users by UID. You can obtain the UID for an Authcore user id using this method.

var uid = await client.authcoreLookupOrCreateUser(userId)

Note that this method requires higher privileges. You will need to authenticate with a staticKey.

Cosmos Integration

var { AuthcoreCosmosProvider } = require('secretd-js')

var cosmosProvider = new AuthcoreCosmosProvider({
    client, // an AuthcoreVaultClient instance
    oid: 'hdwallet oid', // OID of a hdwallet object. Defaults to %%USER%%/hdwallet_default
    path: 'hdwallet derive path', // derive path for the default address. Defaults to m/44'/118'/0'/0/0
})
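
A server that accepts a derive path from a request can check it before handing it to AuthcoreCosmosProvider. The following is an added example, not part of secretd-js: parseBip44Path and checkPath are hypothetical helper names, and the rules applied are those of BIP-44 with the Cosmos coin type 118 from the default path above.

```javascript
const HARDENED = 0x80000000 // BIP-32 hardened-index offset
const COSMOS_COIN_TYPE = 118 // coin type used in the default path m/44'/118'/0'/0/0

// Parses a path such as "m/44'/118'/0'/0/0" into its five BIP-44 levels.
// Throws on anything that is not a canonical, correctly hardened BIP-44 path.
function parseBip44Path (path, allowedCoinTypes = [COSMOS_COIN_TYPE]) {
  if (typeof path !== 'string') throw new TypeError('path must be a string')
  const parts = path.split('/')
  if (parts.length !== 6 || parts[0] !== 'm') {
    throw new Error("expected m/purpose'/coin_type'/account'/change/address_index")
  }
  const levels = parts.slice(1).map((part, i) => {
    // Canonical decimal only: no sign, no leading zeros, no whitespace, no "h" suffix.
    const m = /^(0|[1-9][0-9]{0,9})('?)$/.exec(part)
    if (!m) throw new Error(`level ${i + 1} is not a canonical index: ${part}`)
    const index = Number(m[1])
    if (index >= HARDENED) throw new Error(`level ${i + 1} index out of range`)
    // BIP-44: purpose, coin_type and account are hardened; change and index are not.
    const hardened = m[2] === "'"
    if (hardened !== (i < 3)) throw new Error(`level ${i + 1} has wrong hardening`)
    return index
  })
  const [purpose, coinType, account, change, addressIndex] = levels
  if (purpose !== 44) throw new Error("purpose must be 44'")
  if (!allowedCoinTypes.includes(coinType)) {
    throw new Error(`coin type ${coinType}' is not allowed`)
  }
  if (change !== 0 && change !== 1) throw new Error('change must be 0 or 1')
  return { purpose, coinType, account, change, addressIndex }
}

// Returns null for an acceptable path, or the rejection reason as a string.
function checkPath (path, allowedCoinTypes) {
  try {
    parseBip44Path(path, allowedCoinTypes)
    return null
  } catch (e) {
    return e.message
  }
}
```

Call checkPath on any caller-supplied path and refuse the request when it returns a message; pass a wider allow-list only for the coin types your service actually signs for.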

Getting addresses and public keys. These methods will generate a new hdwallet object at the specified oid if it hasn't been generated yet. Note that they return arrays of addresses and public keys.

var addresses = await cosmosProvider.getAddresses()
var publicKeys = await cosmosProvider.getPublicKeys()

Signing a transaction

var data = {
    'account_number': '0',
    'chain_id': '0',
    'fee': {
        // ...
    },
    'memo': '',
    'msgs': [
        // ...
    ],
    'sequence': '0'
}
var sigData = await cosmosProvider.sign(data)

Creating objects on behalf of another user

Secretd supports a special user namespace user/**uid**/. Secretd users with the SYSTEM_CREATE_OBJECT capability can create new objects under these namespaces, and the user referred to by uid automatically gains access to objects in their user namespace.

Hence, a privileged user can create objects on behalf of another user.

var oid = `user/${uid}/hdwallet_default`
var cosmosProvider = new AuthcoreCosmosProvider({ client, oid })
var addresses = await cosmosProvider.getAddresses() // This method initializes a new wallet

See examples for a demonstration.


License

Apache-2.0
