suborgs tidying #51
Merged
suborgs tidying #51
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
andrewkmin
force-pushed
the
andrew/updates
branch
from
bd42231 to
0dad171
Compare
timurnkey
reviewed
Oct 27, 2023
| "rootQuorumThreshold": 1 | ||
| "rootQuorumThreshold": 1, | ||
| "wallet": { | ||
| "walletName": "Default ETH Wallet", |
There was a problem hiding this comment.
let's drop the ETH here since it might confuse people into thinking that you can only use this wallet for ETH
timurnkey
reviewed
Oct 27, 2023
| organizationId: "<user sub-organization>", | ||
| timestampMs: String(Date.now()), | ||
| parameters: { | ||
| privateKeys: [ | ||
| walletName: "New ETH Wallet", |
There was a problem hiding this comment.
since in step 1 we've created a wallet, I wonder if we should show how to derive additional accounts from that wallet instead? ACTIVITY_TYPE_CREATE_WALLET_ACCOUNTS
timurnkey
reviewed
Oct 27, 2023
| "addressFormat": "ADDRESS_FORMAT_ETHEREUM", | ||
| }, | ||
| ], | ||
| }, | ||
| } | ||
| } |
There was a problem hiding this comment.
It might be helpful to explain the expected response shape. If you feel like it muddies the water skip it!
{
sub_organization_id: "" // the organization_id that the end-user must use when signing requests
wallet: {
wallet_id: "" // the wallet_id used to generate more accounts
addresses: "" // the address used to sign with
}
}
timurnkey
reviewed
Oct 27, 2023
| "timestampMs": "<time-in-ms>", | ||
| "organizationId": "<your-organization-id>", | ||
| "parameters": { | ||
| "signWith": "<wallet account address, private key id, or private key address>", |
There was a problem hiding this comment.
since this is a quickstart and we don't mention private keys , let's just put <wallet account address> instead
r-n-o
approved these changes
Oct 27, 2023
|
|
||
| ### Overview | ||
|
|
||
| Turnkey has built a new model for private key management that utilizes secure enclaves. All transactions are signed within an enclave and private keys are never exposed to Turnkey, your software, or your team. Turnkey’s role is similar to that of a safety deposit box operator — Turnkey secures and provides access to the safety deposit boxes, but our system requires cryptographic proof of ownership to take any action with the keys held within. | ||
|
|
||
| In this example wallet implementation, you will create a segregated sub-organization for each end-user, and leverage [passkeys](https://www.passkeys.io/) as cryptographic proof of ownership to ensure only the end user has the ability to approve signing with their private key. | ||
| In this example wallet implementation, you will create a segregated sub-organization for each end-user, and leverage [passkeys](https://www.passkeys.io/) as cryptographic proof of ownership to ensure only the end-user has the ability to approve signing with their private key. |
There was a problem hiding this comment.
We could link our own passkey docs here: https://docs.turnkey.com/category/using-passkeys
|
|
||
| ### Before you start | ||
|
|
||
| Make sure you’ve set up your primary Turkey Organization as well as one or more API-only users that will programmatically manage user onboarding within your application. Check out the [quickstart guide](quickstart) if you need help getting started. | ||
| Make sure you’ve set up your primary Turkey organization as well as one or more users with API access that will programmatically manage user onboarding within your application. Check out the [quickstart guide](quickstart) if you need help getting started. |
|
|
||
| With this setup each end-user now has sole control over their sub-organization and any resources created within it. Your application cannot take any actions on resources within the sub-organization without explicitly cryptographic authorization from the end-user in the form of a passkey signature. | ||
|
|
||
| It's important to note that the initial activity to create a sub-organization has to be authorized by an API key or a user in your main Turnkey organization. Otherwise anyone would be able to create sub-organizations in your organization! Here's an [example](https://github.com/tkhq/sdk/blob/a2bfbf3cbd6040902bbe4c247900ac560be42925/examples/with-federated-passkeys/src/pages/index.tsx#L88-L116) where the initial registration is done, and posted to a NextJS backend. The NextJS backend inserts the attestation and signs the `CREATE_SUB_ORGANIZATION_V4` activity [here](https://github.com/tkhq/sdk/blob/ba360baeb60d80276f7faeca602b99190fe5affe/examples/with-federated-passkeys/src/pages/api/createSubOrg.ts#L27-L106). |
There was a problem hiding this comment.
We can link wallet.tx.xyz as a live link potentially. Might easier for people to grok what's happening if they can both interact with the demo and look at the code.
| "addressFormat": "ADDRESS_FORMAT_ETHEREUM", | ||
| }, | ||
| ], | ||
| }, | ||
| } | ||
| ``` |
There was a problem hiding this comment.
Wow Github is losing its mind here
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
updating docs to mention v4
todo: