Challenge request

When an APP request the PKSA to sign a challenge, it will receive the following message:


    cmd: "challenge_req"
    account: string
    data: string
    uuid: string
    expire: number
    token: the authentication token - DEPRECATED since protocol v1
  • account: the Hive account name

  • data: the Base64 representation of an encrypted challenge_req_data object

  • uuid {string} the transaction request identifier

  • expire {Number} UNIX time when the request will expire

  • token: the authentication token - Deprecated since protocol v1

The PKSA must decrypt the challenge_req_data object using the encryption key previously shared with the APP (auth_key)

The structure of the challenge_req_data is:


    key_type: string,
    challenge: string,
    decrypt: boolean = false // protocol >= 1
    nonce: number
  • key_type: the key type required to sign the transactions. It can be one of posting|active|memo.

  • challenge: a string to be signed

  • decrypt: (optional - default value is false) indicates if the passed challenge must be encrypted (decrypt=false) or decrypted (decrypt=true) before being returned by the PKSA

  • nonce: UNIX time of the request

Last updated