# Proof of Key

A Proof of Key (PoK) process has been implemented to strengthen the security of the protocol. It is used to validate the messages the **HAS** receives from the **PKSA**, as well as the data exchanged between the different nodes participating in the HiveAuth network.

All the data exchanged between the **APP** and the **PKSA** is encrypted, so a **HAS** node has no way of knowing its content. However, to ensure that the data received has indeed been generated by the account associated with a request, the **HAS** requires the **PKSA** to also sign either arbitrary data or something that it knows.

A PoK is built by encrypting:

* the actual UNIX time when sending a `register_req` message
* the request `uuid` when replying to any request

The encryption is done using both the account's private key and the [Server Encryption Key](/has-for-wallets-pksa/server-encryption-key-retrieval.md). The **PKSA** can use any account key that is available to it (posting, active or memo) to perform the encryption.

The PoK will accompany each message sent by the **PKSA** to the **HAS**. The **HAS** will then:

* decode the PoK using its own private key
* ensure the message has been encrypted by the account by matching the public key retrieved from the encrypted PoK with the account public key retrieved from the blockchain
* In the case of account registration, check that the provided UNIX time is within 10 seconds of its own current time. This check prevents malicious actors from reusing a PoK they may have obtained.
* In the case of a request-related message, check that the decrypted `uuid` matches the `uuid` of the request.
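
The checks the **HAS** runs on a decoded PoK, written out as an added example (this is not HiveAuth's own code). It assumes decryption has already yielded the plaintext and the sender's public key, and that the UNIX time is expressed in seconds; `validatePok`, its argument shapes and the sample values are hypothetical.

```javascript
// Added example; names and data shapes are hypothetical, not HiveAuth's API.
const REGISTER_WINDOW_SECONDS = 10; // boundary stated on this page

// decoded:     { plaintext, senderPubKey } from a decryption step not shown here
// accountKeys: public keys (posting, active, memo) fetched from the blockchain
// expected:    { type: 'register', now } or { type: 'request', uuid }
function validatePok(decoded, accountKeys, expected) {
  if (!decoded || typeof decoded.plaintext !== 'string' ||
      typeof decoded.senderPubKey !== 'string') {
    return { ok: false, reason: 'malformed' };
  }
  // The key that produced the PoK must be one of the account's on-chain keys.
  if (!accountKeys.includes(decoded.senderPubKey)) {
    return { ok: false, reason: 'key_mismatch' };
  }
  if (expected.type === 'register') {
    // Accept only a plain integer (assumed seconds); reject "1e9", "17.5", "".
    if (!/^\d{1,12}$/.test(decoded.plaintext)) {
      return { ok: false, reason: 'bad_timestamp' };
    }
    // Symmetric window: timestamps too far in the future are rejected as well.
    const drift = Math.abs(expected.now - Number(decoded.plaintext));
    return drift <= REGISTER_WINDOW_SECONDS
      ? { ok: true } : { ok: false, reason: 'stale' };
  }
  if (expected.type === 'request') {
    // The decrypted value must be exactly the uuid of the pending request.
    return decoded.plaintext === expected.uuid
      ? { ok: true } : { ok: false, reason: 'uuid_mismatch' };
  }
  return { ok: false, reason: 'unknown_type' };
}

// Constructed sample data (not real keys or identifiers).
const SAMPLE_KEYS = ['STM_SAMPLE_POSTING', 'STM_SAMPLE_ACTIVE', 'STM_SAMPLE_MEMO'];
const NOW = 1700000000;
const SAMPLE_UUID = '00000000-0000-4000-8000-000000000001';

console.log(validatePok({ plaintext: '1699999995', senderPubKey: SAMPLE_KEYS[0] },
  SAMPLE_KEYS, { type: 'register', now: NOW }));   // fresh registration
console.log(validatePok({ plaintext: '1699999000', senderPubKey: SAMPLE_KEYS[0] },
  SAMPLE_KEYS, { type: 'register', now: NOW }));   // reused, outside the window
console.log(validatePok({ plaintext: SAMPLE_UUID, senderPubKey: 'STM_SAMPLE_OTHER' },
  SAMPLE_KEYS, { type: 'request', uuid: SAMPLE_UUID })); // key not on the account
```

Within the 10-second window, the timestamp check alone does not distinguish a resent PoK from the original.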

