Comment on page
Add Secure Key
Additional security layer.
To enhance the security and control over who can execute the assigned
LitAction granted to your PKP, you have the option to implement a Secure Key. This mechanism is analogous to using an API key, serving as an additional layer of authorization.Generating the Secure Key
This secure key is generated when running
setActions() where you will receive a 32-byte hash key. This key is generated randomly and returned.Store this key in a secure location, your LitAction will not run without it.
How It Works
- 1.Hash Generation: The SHA-256 hash of the Secure Key is computed and permanently associated with the
LitAction. - 2.Execution: When you attempt to run the
LitAction, you must provide the correct Secure Key as a parameter. - 3.Validation: A function within the
LitActionwill then compare the SHA-256 hash of the provided key against the original hash stored in theLitAction. - 4.Outcome:
- Success: If the hashes match, the
LitActionwill execute. - Failure: If the hashes do not match, the
LitActionwill not execute.
// Pass true after the actions array to create and apply the Secure Key to your LitAction. Retrieve the secureKey value from the returned object array.
const {unsignedTransactionDataObject, litActionCode, secureKey} = await newCircuit.setActions([fetchAction, contractAction], true);
// Pass in the correct secure key to start
await newCircuit.start({publicKey, ipfsCID, authSig, secureKey});