Keys Management
Dig deeper into Arianee keys including the viewKey, requestKey, and proofKey.
Key Types
There are three primary types of keys:
- ViewKey: This key is immutable and generated during the creation of a digital passport. It grants the holder the ability to view the associated digital passport.
- RequestKey: Initially, the RequestKey is the same as the ViewKey for transferable digital passports. However, it can be overridden by the digital passport owner. Protocol v2 introduces changes regarding the RequestKey upon NFT transfer.
- ProofOfOwnership: In protocol v1, ProofOfOwnership can be generated to prove ownership of a digital passport. Protocol v2 replaces this with Arianee Access Token for faster and more secure off-chain proofs.
ViewKey
Creation and Retrieval
- The ViewKey is created during the digital passport's initial creation using one of the following methods:
/createCertificateWithMetadatawith metadata./createAndStoreCertificateto create and store the certificate./createCertificateto create without storage - API for test purposes.
- Retrieve the ViewKey of a certificate:
- Via the NFT Management Platform UI.
- Using the
/certificateAPI with theparametersviewKeyorinitialViewKey. Refer to the full API documentation here.
RequestKey
Creation and Retrieval
- For transferable digital passports, the
requestKeyinitially matches theviewKey. - Retrieve the initial
requestKeyusing the/certificateAPI with the parametersviewKeyorinitialViewKey. Refer to the full API documentation here.
Overrides and Transfers
- Owners can override the
requestKey:- Call the
requestKeyfunction as documented here. - For unclaimed digital passports, use the NFT Management Platform API.
- For claimed digital passports, generate a link using a wallet application.
- Call the
- Protocol v2 behavior on digital passport transfer:
- Cancels the previous
requestKey.
- Cancels the previous
- Protocol v1 behavior on digital passport transfer:
- Cancels the previous
requestKeyfor regular transfers. - Does not cancel the previous
requestKeyfor transfers done via the recovery function documented here.
- Cancels the previous
- Digital passport recovery via the NFT Management Platform UI:
- Sequentially calls the recovery function (transfer to the brand) and generates a
requestKeyequal to the InitialviewKey. The original RequestKey can then be used for claims.
- Sequentially calls the recovery function (transfer to the brand) and generates a
ProofKey
Generation and Validity
- Protocol V1: generates
proofKeyusing theCreateCertificateProofLinkfunction as documented here. This can be done via API or using Arianee wallet applications. - Protocol V2:
proofKeyreplaced with Arianee Access Tokens (AATs), offering off-chain, secure, and faster authentication.
- On-chain proof: A proof is valid if it has been generated approximately 72 hours on POA and 28 hours on Polygon.
- Off-chain proof: The Arianee Access Token validity depends on the defined
expparameter.
AddTokenAccess Function
The AddTokenAccess function allows direct management of keys, including viewKey, requestKey, and proofKey.
- Token Access types:
viewKey:0requestKey:1proofKey:2
- The
viewKeycannot be changed using this function; an error will occur if attempted. - To deactivate a
requestKey, refer to the documentation for specific instructions.
Want to learn about the
addAccessTokenfunction? Check out our documentation here!
Updated almost 2 years ago