tKey
tKey manages private keys using the user’s device, private input, and wallet service provider. As long as a user has access to 2 out of 3 (2/3) of these shares, they will be able to retrieve their private key. For more information, checkout the technical overview. Before integrating you can also checkout the example site for tKey.
The following are steps of how to use the SDK in your application:
Features
- Typescript compatible. Includes Type definitions
- Fully composable API
- Supports rehydration
Installation
Bundling
This module is distributed in 3 formats
commonjs
build dist/tkey.cjs.js
in es5 formatcommonjs
build dist/tkey-bundled.cjs.js
in es5 format with problematic packages bundled (benfits non-webpack users)umd
build dist/tkey.umd.min.js
in es5 format without polyfilling corejs minifiedumd
build dist/tkey.polyfill.umd.min.js
in es5 format with polyfilling corejs minified
By default, the appropriate format is used for your specified usecase
You can use a different format (if you know what you're doing) by referencing the correct file
The cjs build is not polyfilled with core-js.
It is upto the user to polyfill based on the browserlist they target
Directly in Browser
CDN's serve the non-core-js polyfilled version by default. You can use a different
jsdeliver
<script src="https://cdn.jsdelivr.net/npm/@tkey/core"></script>
unpkg
<script src="https://unpkg.com/@tkey/core"></script>
Tips for NUXT
This is a plugin that works only on the client side. So please register it as a ssr-free plugin.
Usage
Pre-cursors
Before including the tKey SDK, we first need to setup directAuth for the Google logins etc... Below are several steps:
npm i @tkey/core
-
If you're using redirectToOpener, modify the origin of postMessage from "http://localhost:3000" to your hosted domain in redirect.html and sw.js
-
Serve service worker from baseUrl where baseUrl is the one passed while instantiating tkey for specific login (example http://localhost:3000/serviceworker/). If you're already using a sw, please ensure to port over the fetch override from our service worker
-
For browsers where service workers are not supported or if you wish not to use service workers, create and serve redirect page from baseUrl/redirect where baseUrl is the one passed while instantiating tkey for specific login ( example http://localhost:3000/serviceworker/)
-
At verifier's interface (where you obtain client id), please use baseUrl/redirect (eg: http://localhost:3000/serviceworker/redirect) as the redirect_uri where baseUrl is the one passed while instantiating tkey
Now we can proceed to the basic usage, for your own application reach out to hello@tor.us to get your verifier spun up on the testnet today!!
Basic Usage
import ThresholdKey, { WebStorageModule, SecurityQuestionsModule, TorusServiceProvider, TorusStorageLayer } from "@tkey/core";
const serviceProvider = new TorusServiceProvider({
directParams: {
GOOGLE_CLIENT_ID: "<GOOGLE_CLIENT_ID>",
baseUrl: "<REDIRECT_URL>",
network: "ropsten",
proxyContractAddress: "0x4023d2a0D330bF11426B12C6144Cfb96B7fa6183"
}
});
const storageLayer = new TorusStorageLayer({ hostUrl: "https://metadata.tor.us", serviceProvider });
const tkey = new ThresholdKey({
modules: {
securityQuestions: new SecurityQuestionsModule()
},
serviceProvider,
storageLayer
});
await tkey.serviceProvider.init({ skipSw: true });
await tkey.serviceProvider.triggerLogin({
typeOfLogin: "google",
name: "Google",
clientId: "<GOOGLE_CLIENT_ID>",
verifier: "<VERIFIER_NAME>",
});
await tkey.initialize();
const reconstructedKey = await tkey.reconstructKey();
Adding additional shares
await tkey.modules.securityQuestions.generateNewShareWithSecurityQuestions("myanswer", "myquestion?");
await tkey.modules.securityQuestions.generateNewShareWithSecurityQuestions("mypassword", "what's is your password?");