You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/src/Actions/Response.md
+19-6Lines changed: 19 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -49,8 +49,9 @@ These credentials follow the [DSNP Verifiable Credentials Specification](https:/
49
49
_Trust Model Note_: You may choose to just trust credentials issued by Frequency Access (or other SIWF-compatible services) given that the credential is fetched directly. These will have issuer `did:web:testnet.frequencyaccess.com` or `did:web:frequencyaccess.com`.
50
50
51
51
1. Check that the `credentialSubject.id` matches the `userPublicKey` following the [`did:key` Method from the W3C](https://w3c-ccg.github.io/did-key-spec/#format)
52
-
- Example: `f6cL4wq1HUNx11TcvdABNf9UNXXoyH47mVUwT59tzSFRW8yDH` is the [SS58](https://docs.substrate.io/reference/address-formats/) version with prefix `90` of the hex address `0xd43593c715fdd31c61141abd04a99fd6822c8558854ccde39a5684e7a56da27d`. `0xef01d43593c715fdd31c61141abd04a99fd6822c8558854ccde39a5684e7a56da27d` is multicodec `sr25519-pub` hex which is multiformat `base58-btc``z6QNzHod3tSSJbwo4e5xGDcnsndsR9WByZzPoCGdbv3sv1jJ`
53
-
2. Fetch the issuer DID Document following the [`did:web` Method from the W3C](https://w3c-ccg.github.io/did-method-web/)
52
+
- Sr25519 key Example: `f6cL4wq1HUNx11TcvdABNf9UNXXoyH47mVUwT59tzSFRW8yDH` is the [SS58](https://docs.substrate.io/reference/address-formats/) version with prefix `90` of the hex address `0xd43593c715fdd31c61141abd04a99fd6822c8558854ccde39a5684e7a56da27d`. `0xef01d43593c715fdd31c61141abd04a99fd6822c8558854ccde39a5684e7a56da27d` is multicodec `sr25519-pub` hex which is multiformat `base58-btc``z6QNzHod3tSSJbwo4e5xGDcnsndsR9WByZzPoCGdbv3sv1jJ`
53
+
- Secp256k1 ket example: `f6bgm3jyDVNxMf9zdYgHZmAQ8DqLVFDzvHQQc2BBpa5SK2bDw` is the [SS58](https://docs.substrate.io/reference/address-formats/) version with prefix `90` of the hex address `0xb7c13f4176ca799975d9cce4bafe4814a9d824faeeeeeeeeeeeeeeeeeeeeeeee`. `0xe701b7c13f4176ca799975d9cce4bafe4814a9d824faeeeeeeeeeeeeeeeeeeeeeeee` is multicodec `secp256k1-pub` (this will not work since we only have the 32 byte account id not the 33 byte public key) (?)
54
+
3. Fetch the issuer DID Document following the [`did:web` Method from the W3C](https://w3c-ccg.github.io/did-method-web/)
54
55
- Production-Mainnet should always be `did:web:frequencyaccess.com` which resolves to `https://frequencyaccess.com/.well-known/did.json`
55
56
- Staging-Testnet should always be `did:web:testnet.frequencyaccess.com` which resolves to `https://testnet.frequencyaccess.com/.well-known/did.json`
56
57
3. Check that the key in the `proof.verificationMethod` is in the DID Document to verify that the key is still valid
@@ -112,7 +113,7 @@ Inside the message, `{{domain}}` is the domain of the application requesting the
112
113
113
114
#### Validation Steps
114
115
115
-
1. Perform an Sr25519 signature verification using:
116
+
1. Perform an Sr25519/Secp256k1 signature verification using:
116
117
-`userPublicKey`: The signing key
117
118
-`payload.message`: The signed message parsing `\n` into `LF` line breaks
118
119
-`signature.encodedValue`: The signature
@@ -175,12 +176,24 @@ SIWF services do not manage user sessions.
Copy file name to clipboardExpand all lines: docs/src/DataStructures/All.md
+30-6Lines changed: 30 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,29 +4,53 @@
4
4
5
5
### Request
6
6
7
-
{{#include Request.md 0}}
7
+
#### Sr25519
8
+
{{#include ./Sr25519/Request.md 0}}
9
+
10
+
#### Secp256k1
11
+
{{#include ./Secp256k1/Request.md 0}}
8
12
9
13
### Request URL
10
14
11
-
{{#include RequestUrl.md 0}}
15
+
#### Sr25519
16
+
{{#include ./Sr25519/RequestUrl.md 0}}
17
+
18
+
#### Secp256k1
19
+
{{#include ./Secp256k1/RequestUrl.md 0}}
12
20
13
21
### Signed Request
14
22
15
23
This is JSON stringified and then [`base64url`](https://datatracker.ietf.org/doc/html/rfc4648#section-5) encoded for the Request `signedRequest` value.
"message": "your-app.com wants you to sign in with your Frequency account:\n0xf24ff3a9cf04c71dbc94d0b566f7a27b94566cac\n\n\n\nURI: https://your-app.com/signin/callback\nNonce: N6rLwqyz34oUxJEXJ\nIssued At: 2024-10-29T19:17:27.077Z\nExpiration Time: 2060-03-05T23:23:03.041Z"
0 commit comments