KeyAuthorization

Tempo key authorization utilities for provisioning and signing access keys.

Access keys allow a root key (e.g., a passkey) to delegate transaction signing to secondary keys with customizable permissions including expiry timestamps and per-TIP-20 token spending limits. This enables a user to sign transactions without repeated passkey prompts.

Access Keys Specification

Examples

import { KeyAuthorization, SignatureEnvelope } from 'ox/tempo'
import { Address, Secp256k1, WebCryptoP256, Value } from 'ox'
 
const keyPair = await WebCryptoP256.createKeyPair()
const address = Address.fromPublicKey(keyPair.publicKey)
 
const authorization = KeyAuthorization.from({
  address,
  expiry: 1234567890,
  type: 'p256',
  limits: [{
    token: '0x20c0000000000000000000000000000000000001',
    limit: Value.from('10', 6),
  }],
})
 
const privateKey = '0x...'
const payload = KeyAuthorization.getSignPayload(authorization)
const signature = SignatureEnvelope.from(
  Secp256k1.sign({ payload, privateKey }),
)
 
KeyAuthorization.from(authorization, { signature })

Functions

Name	Description
`KeyAuthorization.from`	Converts a Key Authorization object into a typed `KeyAuthorization.KeyAuthorization`.
`KeyAuthorization.fromRpc`	Converts an `AuthorizationTempo.Rpc` to an `AuthorizationTempo.AuthorizationTempo`.
`KeyAuthorization.fromTuple`	Converts an `KeyAuthorization.Tuple` to an `KeyAuthorization.KeyAuthorization`.
`KeyAuthorization.getSignPayload`	Computes the sign payload for an `KeyAuthorization.KeyAuthorization`.
`KeyAuthorization.hash`	Computes the hash for an `KeyAuthorization.KeyAuthorization`.
`KeyAuthorization.toRpc`	Converts an `KeyAuthorization.KeyAuthorization` to an `KeyAuthorization.Rpc`.
`KeyAuthorization.toTuple`	Converts an `KeyAuthorization.KeyAuthorization` to an `KeyAuthorization.Tuple`.

Types

Name	Description
`KeyAuthorization.KeyAuthorization`	Key authorization for provisioning access keys.
`KeyAuthorization.Rpc`	RPC representation of an `KeyAuthorization.KeyAuthorization`.
`KeyAuthorization.Signed`	Signed representation of a Key Authorization.
`KeyAuthorization.TokenLimit`	Token spending limit for access keys.
`KeyAuthorization.Tuple`	Tuple representation of a Key Authorization.