Wallet API
The primary and mandatory general-purpose API containing methods for creating a new session and authentication.
Session
The entire process begins with the client generating a unique secp256k1 private session key, forming a request with the client's name, and an ECDSA signature with the client's key. After receiving it on the Bitahon side, a unique private key is also generated specifically for this session. Bitahon forms a response containing the wallet identifier and several signatures.
Wallet ID
This is the user's wallet identifier, which can be used for various identification mechanisms. It is a 256-bit value. On the wallet side, it is computed by obtaining the SHA256 of the SLIP13 public key (m/13'/A'/B'/C'/D', index = 0, url = "wallet://ID") - m/13'/1620510732'/39957883'/1591321555'/41114891'.
Proof
Signature of the chain of public keys. Since a unique private key is used for each session, and on the Bitahon client side, it is necessary to ensure that a specific Wallet ID has agreed to create the current session. The algorithm is as follows:
- Form a message as wallet_id + sha256(session_public_key);
- Calculate the magic hash (Bitcoin Signed Messages);
- Create an ECDSA signature with the SLIP13 private key (used to obtain the wallet_id), in RSV format.
Methods
| Method | App ID | Method ID | Description |
|---|---|---|---|
| NEW_SESSION | 1 | 1 | Request a new session |
NEW_SESSION
This method is necessary to initialize a new session in the wallet.
Request
message NewSession {
string title = 1;
string description = 2;
bytes sign = 3;
}
- title, description: Client's name and brief description;
- sign: ECDSA signature of the SHA256(title+description) message, in RSV format.
Response
message NewSessionResult {
bytes wallet = 1;
bytes proof = 2;
bytes sign = 3;
}
- wallet: Wallet ID;
- proof: Proof sign;
- sign: ECDSA signature of the SHA256(wallet+proof) message, using the session's private key.