Challenge request

When an APP request the PKSA to sign a challenge, it will receive the following message:

challenge_req

{
    cmd: "challenge_req"
    account: string
    data: string
    uuid: string
    expire: number
    token: the authentication token - DEPRECATED since protocol v1
}

account: the Hive account name
data: the Base64 representation of an encrypted challenge_req_data object
uuid {string} the transaction request identifier
expire {Number} UNIX time when the request will expire
token: the authentication token - Deprecated since protocol v1

The PKSA must decrypt the challenge_req_data object using the encryption key previously shared with the APP (auth_key)

The structure of the challenge_req_data is:

challenge_req_data

{
    key_type: string,
    challenge: string,
    decrypt: boolean = false // protocol >= 1
    nonce: number
}

key_type: the key type required to sign the transactions. It can be one of posting|active|memo.
challenge: a string to be signed
decrypt: (optional - default value is false) indicates if the passed challenge must be encrypted (decrypt=false) or decrypted (decrypt=true) before being returned by the PKSA
nonce: UNIX time of the request

PreviousChallenge NextFeedback to user

Last updated 1 year ago