Keys Overview
Dig deeper into Arianee keys including the viewKey, requestKey, and proofKey.
Key Types
There are three primary types of keys:
- ViewKey: This key is immutable and generated during the creation of a digital passport. It grants the holder the ability to view the associated digital passport.
- RequestKey: Initially, the RequestKey is the same as the ViewKey for transferable digital passports. However, it can be overridden by the digital passport owner. Protocol v2 introduces changes regarding the RequestKey upon NFT transfer.
- ProofOfOwnership: In protocol v1, ProofOfOwnership can be generated to prove ownership of a digital passport. Protocol v2 replaces this with Arianee Access Token for faster and more secure off-chain proofs.
ViewKey
Creation and Retrieval
- The ViewKey is created during the digital passport's initial creation using one of the following methods:
/productManagement/productGroup/create
: Create a digital passport group./productManagement/productGroup/{productGroupID}/product/create
: Create a digital passport.
- Retrieve the ViewKey of a certificate:
- Via the NFT Management Platform UI.
- Using the
/certificate/v2/search
.
RequestKey
Creation and Retrieval
- For transferable digital passports, the
requestKey
initially matches theviewKey
. - Retrieve the initial
requestKey
using the/certificate
API with the parametersviewKey
orinitialViewKey
. Refer to the full API documentation here.
Overrides and Transfers
- Owners can override the
requestKey
:- Call the
requestKey
function as documented here. - For unclaimed digital passports, use the NFT Management Platform API.
- For claimed digital passports, generate a link using a wallet application.
- Call the
- Protocol V2 behavior on digital passport transfer:
- Cancels the previous
requestKey
.
- Cancels the previous
- Protocol V1 behavior on digital passport transfer:
- Cancels the previous
requestKey
for regular transfers. - Does not cancel the previous
requestKey
for transfers done via the recovery function documented here.
- Cancels the previous
- Digital passport recovery via the NFT Management Platform UI:
- Sequentially calls the recovery function (transfer to the brand) and generates a
requestKey
equal to the InitialviewKey
. The original RequestKey can then be used for claims.
- Sequentially calls the recovery function (transfer to the brand) and generates a
ProofKey
Generation and Validity
- Protocol V1: generates
proofKey
using theCreateCertificateProofLink
function as documented here. This can be done via API or using Arianee wallet applications. - Protocol V2:
proofKey
replaced with Arianee Access Tokens (AATs), offering off-chain, secure, and faster authentication.
- On-chain proof: A proof is valid if it has been generated approximately 72 hours on POA and 28 hours on Polygon.
- Off-chain proof: The Arianee Access Token validity depends on the defined
exp
parameter.
AddTokenAccess Function
The AddTokenAccess
function allows direct management of keys, including viewKey
, requestKey
, and proofKey
.
- Token Access types:
viewKey
:0
requestKey
:1
proofKey
:2
- The
viewKey
cannot be changed using this function; an error will occur if attempted. - To deactivate a
requestKey
, refer to the documentation for specific instructions.
Want to learn about the
addAccessToken
function? Check out our documentation here!
Updated about 1 month ago