Creating and Claiming
The Lit SDK provides a claimKeyId
method which authenticates an Auth Method
to derive the key id
. If authentication is successful, a signature is generated by each of the nodes in the network. This signature, the key id
, and derived public key are then provided to a ClaimProcessor
which will register the generated key claim on chain and then routes the generated public key for use.
The ClaimProcessor
can be provided which defines how the response from the claim operation will be registered on chain. It is recommended to use either the Lit relay server, or the contract-sdk
. There are two types of ClaimProccessor
ClientClaimProcessor
- Allows for specifying a
signer
for registering claims through thecontract-sdks
claimAndMint
- Allows for specifying a
RelayClaimProcessor
- allows for specifying a
RelayConfig
which overrides default options for calling a customrelayer
instance
- allows for specifying a
If you wish to derive public keys before claiming the LitNodeClient
offers two helper functions to allow you to compute derived public keys.
computeHdKeyId
calculates thekey id
based on auser id
andapp id
computeHdPubkey
calculates thepublic key
based on thekey id
Examples using the LitNodeClient
Below is an example of claiming a key with the LitNodeClient
using the default implementation of the ClaimProcessor
const client = new LitNodeClient({
litNetwork: "datil-dev",
debug: false
});
await client.connect();
let res = await client.claimKeyId({
authMethod, // provide an auth method to claim a key Identifier mapped to the given auth method
});
console.log("mint tx hash: ", res.mintTx);
console.log("pkp public key: ", res.pubkey);
An example of claiming with a customized ClaimProcessor
using the contracts-sdk
In this example the ClaimProcessor
is defined as the mintCallback
in the request options.
import { LitContracts } from '@lit-protocol/contracts-sdk';
import { ClaimRequest, ClaimResult, ClientClaimProcessor } from "@lit-protocol/types"
import { LIT_RPC, LIT_NETWORK } from "@lit-protocol/constants";
const client = new LitNodeClient({
litNetwork: LIT_NETWORK.DatilDev,
debug: false
});
await client.connect();
let claimReq: ClaimRequest<ClientClaimProcessor> = {
authMethod, // provide an auth method to claim a key Identifier mapped to the given auth method
signer: new ethers.Wallet("<your private key>", new ethers.providers.JsonRpcProvider(LIT_RPC.CHRONICLE_YELLOWSTONE)),
mintCallback: async (claimRes: ClaimResult<ClientClaimProcessor>) => {
const litContracts = new LitContracts({ signer: claimRes.signer });
await litContracts.connect();
let tokenId = await litContracts.pkpNftContractUtils.write.claimAndMint(claimRes.derivedKeyId, claimRes.signatures);
return tokenId.tokenId
}
};
let res = await client.claimKeyId(claimReq);
console.log("mint tx hash: ", res.mintTx);
console.log("pkp public key: ", res.pubkey);
An example of deriving a key id
to its public key, this operation does not persist the key for use on the Lit network. But it allows you to know what the key will be once registered on chain once claimed.
const client = new LitNodeClient({
litNetwork: "datil-dev",
debug: false
});
const keyId = client.computeHdKeyId("<your user id>", "<your project id>");
// the key id can now be given to the public key calculation method
const publicKey = client.computeHDPubKey(keyId);
console.log("user public key will be: ", publicKey);
An example of claiming with a customized ClaimProcessor
making a call to the Lit relay server
. In this example the ClaimProcessor
is defined as the mintCallback
in the request options.
const client = new LitNodeClient({
litNetwork: "datil-dev",
debug: false
});
await client.connect();
let res = await client.claimKeyId({
authMethod, // provide an auth method to claim a key Identifier mapped to the given auth method
mintCallback: (claimRes: ClaimResponse<RelayClaimProcessor>) => {
const response = await fetch(relayUrl, {
method: 'POST',
body: JSON.stringify(claimRes),
headers: {
'api-key': params.relayApiKey,
'Content-Type': 'application/json',
},
});
if (response.status < 200 || response.status >= 400) {
let errResp = await response.json() ?? "";
let errStmt = `An error occured requesting "/auth/claim" endpoint ${JSON.stringify(
errResp
)}`;
console.warn(errStmt);
throw new Error(errStmt);
}
let body: any = await response.json();
// the transaction hash of registering the claim on chain
return body.requestId;
}
});
console.log("mint tx hash: ", res.mintTx);
console.log("pkp public key: ", res.pubkey);
Examples Using the LitRelay
Example of claiming a key with the LitRelay
authenticating with Stytch
email OTP
We will start by creating an instance of the Stytch client, with your project id and project secret. this should be loaded from a config and never put into source control.
const client = new stytch.Client({
project_id: "<your project id>",
secret: "<your project secret>",
});
Once the client is created we can send an OTP
code through the otps
namespace on the Stytch
client. For this example we will choose otp
as our auth type and loginOrCreate
a user with a provided email address. it is intended for this value to be user provided. after creating or logging the user in, we shall authenticate
with the returned email_id
and otp
code provided by the user.
const email = ""; // email address of user
const stytchResponse = await client.otps.email.loginOrCreate({
email: email,
})
const authResponse = await client.otps.authenticate({
method_id: stytchResponse.email_id,
code: // code from email,
session_duration_minutes: 60, // session duration is required for session token creation
})
const sessionResp = await client.sessions.get({
user_id: authResponse.user_id
});
const sessionStatus = await client.sessions.authenticate({
session_token: authResponse.session_token,
})
Now we can create an instance of the LitRelay
. Then an instance of the StytchOtp
provider and provide a user id
and app id
the user id
can come from the loginOrCreate
response. The app id
can be found in your Stytch
project dashboard.
Finally, we can pass the session jwt
from the authenticate
response .
import { LitRelay } from '@lit-protocol/lit-auth-client';
import { StytchOtpProvider } from '@lit-protocol/providers';
import { LitNodeClient } from '@lit-protocol/lit-node-client';
import { LIT_NETWORK, PROVIDER_TYPE } from '@lit-protocol/constants';
const litNodeClient = new LitNodeClient({
litNetwork: LIT_NETWORK.DatilDev,
debug: true,
});
await litNodeClient.connect();
const litRelay = new LitRelay({
relayUrl: LitRelay.getRelayUrl(LIT_NETWORK.DatilDev),
relayApiKey: 'test-api-key',
});
// Initialize StytchOtp provider
const stytchProvider = new StytchOtpProvider({ relay, litNodeClient });
const authMethod = await stytchProvider.authenticate({
accessToken: sessionStatus.session_jwt
});
const claimResp = session.claimKeyId({
authMethod
});
console.log("mint tx hash: ", res.mintTx);
console.log("pkp public key: ", res.pubkey);
Calculating the public key of a given auth method identifier
We will start by creating an instance of the Stytch client, with your project id and project secret. this should be loaded from a config and never put into source control.
const client = new stytch.Client({
project_id: "<your project id>",
secret: "<your project secret>",
});
Once the client is created we can send an OTP
code through the otps
namespace on the Stytch
client. For this example we will choose otp
as our auth type and loginOrCreate
a user with a provided email address. it is intended for this value to be user provided. after creating or logging the user in, we shall authenticate
with the returned email_id
and otp
code provided by the user.
const email = ""; // email address of user
const stytchResponse = await client.otps.email.loginOrCreate({
email: email,
})
const authResponse = await client.otps.authenticate({
method_id: stytchResponse.email_id,
code: // code from email,
session_duration_minutes: 60, // session duration is required for session token creation
})
const sessionResp = await client.sessions.get({
user_id: authResponse.user_id
});
const sessionStatus = await client.sessions.authenticate({
session_token: authResponse.session_token,
})
Now we can create an instance of the LitRelay
. Then an instance of the StytchOtp
provider and provide a user id
and app id
the user id
can come from the loginOrCreate
response. The app id
can be found in your Stytch
project dashboard.
Finally, we can pass the session jwt
from the authenticate
response . Upon successful authentication
of the token, an AuthMethod
will be generated. With the Auth Method
created we can parse it and get an AuthMethodId
which can be used to calculate the public key. This is because the AuthMethodId
is the key id
import { LitRelay, getAuthIdByAuthMethod } from '@lit-protocol/lit-auth-client';
import { StytchOtpProvider } from '@lit-protocol/providers';
import { LitNodeClient } from '@lit-protocol/lit-node-client';
import { LIT_NETWORK, PROVIDER_TYPE } from '@lit-protocol/constants';
const litNodeClient = new LitNodeClient({
litNetwork: LIT_NETWORK.DatilDev,
debug: true,
});
await litNodeClient.connect();
const litRelay = new LitRelay({
relayUrl: LitRelay.getRelayUrl(LIT_NETWORK.DatilDev),
relayApiKey: 'test-api-key',
});
// Initialize StytchOtp provider
const stytchProvider = new StytchOtpProvider({ relay, litNodeClient });
const authMethod = await stytchProvider.authenticate({
accessToken: sessionStatus.session_jwt
});
const keyId = await getAuthIdByAuthMethod(authMethod);
const pubkey = session.litNodeClient.computePubkey(keyId);
console.log("pkp public key: ", pubkey);
Not finding the answer you're looking for? Share your feedback on these docs by creating an issue in our GitHub Issues and Reports repository or get support by visiting our Support page.