-
Notifications
You must be signed in to change notification settings - Fork 24
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add messages specifications for personalsign req/resp, and pers…
…onalsign flow
- Loading branch information
Showing
5 changed files
with
177 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,45 @@ | |||
--- | |||
title: "Personal Signature Request Flow" | |||
category: "flows" | |||
type: "reference" | |||
source: "https://github.com/uport-project/specs/blob/develop/flows/personalsign.md" | |||
--- | |||
|
|||
# Personal Signature Request Flow | |||
|
|||
Similar to a [Typed Data Signature Request](verificationreq.md), a client application can request that the user sign an arbitrary string of data. | |||
|
|||
The following shows the basic flow: | |||
|
|||
![Personal Signature Request Flow](personalsign.png) | |||
|
|||
## Endpoint | |||
|
|||
The request should be sent to the following URLs: | |||
|
|||
- `https://id.uport.me/req/[JWT]` | |||
|
|||
## Send Request | |||
|
|||
Create a valid signed [Personal Signature Request](../messages/personalsignreq.md). | |||
|
|||
|
|||
## Client Callback | |||
|
|||
The client app MAY include a URL where the response is returned from the user. This can be a HTTPS URL or a custom app URL which receives the response. | |||
|
|||
Responses are param appended to a URL fragment. If the callback requires the response as a HTTP POST, it is sent as a JSON POST request to the callback URL instead. | |||
|
|||
### Successful Response | |||
|
|||
param | Description | |||
-------------- | ----------- | |||
`personalSig` | [Personal Signature Response](../messages/personalsignresp.md) | |||
|
|||
### Errors | |||
|
|||
An `error` parameter is returned as the response to the Client App, containing the following: | |||
|
|||
Error | Description | |||
------------- | ----------- | |||
`access_denied`| User denies the request |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,38 @@ | |||
--- | |||
title: "Personal Sign Request" | |||
category: "messages" | |||
"type": "reference" | |||
source: "https://github.com/uport-project/specs/blob/develop/messages/personalsignreq.md" | |||
--- | |||
|
|||
# Personal Sign Request | |||
|
|||
The Personal Sign Request is a message created by a client app and sent to a user's mobile app, which contains a string of arbitrary, unstructured data to be signed. This is an adaptation of the `personal_sign` RPC call to a uPort-based workflow. | |||
|
|||
#### Attributes | |||
|
|||
The JWT shares these attributes with the [Share Request](sharereq.md) and [Verification Request](verificationreq.md): `iat`, `exp`, `callback`, and `vc`; it also shares the `riss` field with [Verification Request](verificationreq.md). The data in the `data` field should be a string containing the hex characters that make up the UTF-8 representation of the data to be signed, prefixed with `0x`. | |||
|
|||
The following additional attributes of the JWT are supported: | |||
|
|||
Name | Description | Required | |||
---- | ----------- | -------- | |||
[`iat`](https://tools.ietf.org/html/rfc7519#section-4.1.6) | The time of issuance | yes | |||
[`exp`](https://tools.ietf.org/html/rfc7519#section-4.1.4) | Expiration time of JWT | no | |||
`type` | MUST have the value `personalSignReq` | yes | |||
`data` | A string containing the hex encoding of the data to be signed | yes | |||
`callback` | Callback URL for returning the response to a request (may be deprecated in future) | no | |||
`riss` | The DID of the identity you want to sign the Verified Claim | no | |||
`vc` | Array of Verified Claims JWTs or IPFS hash of JSON encoded equivalent about the `iss` of this message. See [Issuer Claims](/messages/claims.md) and [Verified Claims](/messages/verification.md) | no | |||
|
|||
|
|||
Example Personal Sign request: | |||
|
|||
```json | |||
{ | |||
"riss":"did:ethr:IDENTITY_THAT_WILL_SIGN_THE_CLAIM", | |||
"data": "0xdeaddeadbeefbeef", | |||
"callback": "https://example.com", | |||
"exp": 123456789 | |||
} | |||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,41 @@ | |||
--- | |||
title: "Sign Typed Data Response" | |||
category: "messages" | |||
"type": "reference" | |||
source: "https://github.com/uport-project/specs/blob/develop/messages/signtypeddataresp.md" | |||
--- | |||
|
|||
# Personal Sign Response | |||
|
|||
A personal sign response is a JWT containing within it a hex string of data, and an object representing the signature of the hash of that data. See also: [Personal Sign Request](personalsignreq.md) | |||
|
|||
# Attributes | |||
|
|||
The JWT contains three required fields, `iat`, `iss`, `request`, and `signature`. The `request` is an EIP712 signature request, as definied in the [EIP712 specification for typed data](https://eips.ethereum.org/EIPS/eip-712). `iss` and `iat` are defined as the issuer of the JWT, and the time at which it was issued, as usual. The `signature` field is an object containing the components `r`, `s`, and `v` which make up the signature over the typed data specified in the `request` field. The JWT may optionally also contain the `exp`, `vc` fields. | |||
|
|||
Name | Description | Required | |||
---- | ----------- | -------- | |||
[`iat`](https://tools.ietf.org/html/rfc7519#section-4.1.6) | The time of issuance | yes | |||
`type` | MUST have the value `eip712Resp` | yes | |||
`iss` | The DID of the issuer of the JWT, not necessarily the same as the signer in `signature` | yes | |||
`data` | A hex string representing the data that was signed. | yes | |||
`signature` | An object containing `r`, `s`, and `v`, the components of the signature | yes | |||
`vc` | Array of Verified Claims JWTs or IPFS hash of JSON encoded equivalent about the `iss` of this message. See [Issuer Claims](/messages/claims.md) and [Verified Claims](/messages/verification.md) | no | |||
[`exp`](https://tools.ietf.org/html/rfc7519#section-4.1.4) | Expiration time of JWT | no | |||
|
|||
|
|||
|
|||
An example personal signature response: | |||
```json | |||
{ | |||
"iat": 123456789, | |||
"iss": "did:ethr:0x...", | |||
"data": "0xdeaddeadbeefbeef", | |||
"signature": { | |||
"r": "0x...", | |||
"s": "0x...", | |||
"v": "0x..." | |||
}, | |||
"exp": 123456789, | |||
} | |||
``` |