Module IAccountKeychain

Expand description

Account Keychain interface for managing authorized keys

This precompile allows accounts to authorize secondary keys with:

Different signature types (secp256k1, P256, WebAuthn)
Expiry times for key rotation
Per-token spending limits for security

Only the main account key can authorize/revoke keys, while secondary keys can be used for regular transactions within their spending limits.

interface IAccountKeychain {
    enum SignatureType { Secp256k1, P256, WebAuthn }
    struct TokenLimit { address token; uint256 amount; }
    struct KeyInfo { SignatureType signatureType; address keyId; uint64 expiry; bool enforceLimits; bool isRevoked; }
    event KeyAuthorized(address indexed account, bytes32 indexed publicKey, uint8 signatureType, uint64 expiry);
    event KeyRevoked(address indexed account, bytes32 indexed publicKey);
    event SpendingLimitUpdated(address indexed account, bytes32 indexed publicKey, address indexed token, uint256 newLimit);
    function authorizeKey(address keyId, SignatureType signatureType, uint64 expiry, bool enforceLimits, TokenLimit[] calldata limits) external;
    function revokeKey(address keyId) external;
    function updateSpendingLimit(address keyId, address token, uint256 newLimit) external;
    function getKey(address account, address keyId) external view returns (KeyInfo memory);
    function getRemainingLimit(address account, address keyId, address token) external view returns (uint256);
    function getTransactionKey() external view returns (address);
    error UnauthorizedCaller();
    error KeyAlreadyExists();
    error KeyNotFound();
    error KeyExpired();
    error SpendingLimitExceeded();
    error InvalidSignatureType();
    error ZeroPublicKey();
    error ExpiryInPast();
    error KeyAlreadyRevoked();
}

Structs§

ExpiryInPast: Custom error with signature ExpiryInPast() and selector 0x79955a10.
IAccountKeychainInstance: A IAccountKeychain instance.
InvalidSignatureType: Custom error with signature InvalidSignatureType() and selector 0x60cd402d.
KeyAlreadyExists: Custom error with signature KeyAlreadyExists() and selector 0xaa1ba2f8.
KeyAlreadyRevoked: Custom error with signature KeyAlreadyRevoked() and selector 0xcdf0b34f.
KeyAuthorized: Emitted when a new key is authorized Event with signature KeyAuthorized(address,bytes32,uint8,uint64) and selector 0xd53a4005b3f15b2d70588c3eee78b2a6aa8df4c3129159eedd4db416c33da194.
KeyExpired: Custom error with signature KeyExpired() and selector 0x2572e3a9.
KeyInfo: Key information structure
KeyNotFound: Custom error with signature KeyNotFound() and selector 0x5f3f479c.
KeyRevoked: Emitted when a key is revoked Event with signature KeyRevoked(address,bytes32) and selector 0xa97703d8de1d538ac2ccf4453e57ec2aa4ab8b29c9a57f2a6e70a9d0e268f802.
SpendingLimitExceeded: Custom error with signature SpendingLimitExceeded() and selector 0x8a9e71ea.
SpendingLimitUpdated: Emitted when a spending limit is updated Event with signature SpendingLimitUpdated(address,bytes32,address,uint256) and selector 0x57ce4c71f9009813973686090d962422a51c0ce446502ff69c1e339b7fef40c6.
TokenLimit: Token spending limit structure
UnauthorizedCaller: Custom error with signature UnauthorizedCaller() and selector 0x5c427cd9.
ZeroPublicKey: Custom error with signature ZeroPublicKey() and selector 0xb1eddc82.
authorizeKeyCall: Authorize a new key for the caller’s account @param keyId The key identifier (address derived from public key) @param signatureType 0: secp256k1, 1: P256, 2: WebAuthn @param expiry Block timestamp when the key expires (u64::MAX for never expires) @param enforceLimits Whether to enforce spending limits for this key @param limits Initial spending limits for tokens (only used if enforceLimits is true) Function with signature authorizeKey(address,uint8,uint64,bool,(address,uint256)[]) and selector 0x54063a55.
authorizeKeyReturn: Authorize a new key for the caller’s account @param keyId The key identifier (address derived from public key) @param signatureType 0: secp256k1, 1: P256, 2: WebAuthn @param expiry Block timestamp when the key expires (u64::MAX for never expires) @param enforceLimits Whether to enforce spending limits for this key @param limits Initial spending limits for tokens (only used if enforceLimits is true) Container type for the return parameters of the authorizeKey(address,uint8,uint64,bool,(address,uint256)[]) function.
getKeyCall: Get key information @param account The account address @param publicKey The public key @return Key information Function with signature getKey(address,address) and selector 0xbc298553.
getKeyReturn: Get key information @param account The account address @param publicKey The public key @return Key information Container type for the return parameters of the getKey(address,address) function.
getRemainingLimitCall: Get remaining spending limit @param account The account address @param publicKey The public key @param token The token address @return Remaining spending amount Function with signature getRemainingLimit(address,address,address) and selector 0x63b4290d.
getRemainingLimitReturn: Get remaining spending limit @param account The account address @param publicKey The public key @param token The token address @return Remaining spending amount Container type for the return parameters of the getRemainingLimit(address,address,address) function.
getTransactionKeyCall: Get the key used in the current transaction @return The keyId used in the current transaction Function with signature getTransactionKey() and selector 0xb07fbc1a.
getTransactionKeyReturn: Get the key used in the current transaction @return The keyId used in the current transaction Container type for the return parameters of the getTransactionKey() function.
revokeKeyCall: Revoke an authorized key @param publicKey The public key to revoke Function with signature revokeKey(address) and selector 0x5ae7ab32.
revokeKeyReturn: Revoke an authorized key @param publicKey The public key to revoke Container type for the return parameters of the revokeKey(address) function.
updateSpendingLimitCall: Update spending limit for a key-token pair @param publicKey The public key @param token The token address @param newLimit The new spending limit Function with signature updateSpendingLimit(address,address,uint256) and selector 0xcbbb4480.
updateSpendingLimitReturn: Update spending limit for a key-token pair @param publicKey The public key @param token The token address @param newLimit The new spending limit Container type for the return parameters of the updateSpendingLimit(address,address,uint256) function.

Enums§

IAccountKeychainCalls: Container for all the IAccountKeychain function calls.
IAccountKeychainErrors: Container for all the IAccountKeychain custom errors.
IAccountKeychainEvents: Container for all the IAccountKeychain events.
SignatureType

Functions§

new: Creates a new wrapper around an on-chain IAccountKeychain contract instance.

Module IAccountKeychain

Module IAccountKeychain Copy item path

Structs§

Enums§

Functions§

Module IAccountKeychain