Webnative Filecoin Integration Summary

This post is a high-level summary of key setup and transactions in the Webnative Filecoin integration as of phase 2 completion. Please see the Filecoin Phase 2 Write Up for a deeper overview of the technical architecture.

Key setup


  • Users sign into the Filecoin Backup App through the Fission Auth Lobby using the webnative library
  • Permission to read/write to private/Keychain/fil-cosigner.json is requested

Browser half of BLS Signature Aggregation pair

  • webnative-filecoin generates the private key for one half of a BLS signature and stores it as private/Keychain/fil-cosigner.json
  • webnative-filecoin sends the corresponding public key to the cosigning server

Cosigning server half of BLS Signature Aggregation pair

  • When the cosigning server receives a public key from webnative-filecoin, it generates a random private key that it stores alongside the public key sent by the user


Cosigning Permissions

  • webnative-filecoin sends the user to the Fission Auth Lobby to request permission to sign transactions
  • In the current implementation, this is hardcoded at 1000 FIL max over one hour of time

Signing a transaction

  • webnative-filecoin reads private/Keychain/fil-cosigner.json and signs a transaction with it
  • The user sends the transaction and a UCAN token with permission from the auth lobby to sign to the server.
  • The server checks the UCAN for proper permissions: ensuring that the permission has not expired (within 1hr per above) and that the amount of the transaction is within the granted spending limit.
  • If proper permissions, the server signs the transaction with their private key, aggregates the signature with the users, and sends the transaction to the Filecoin network

Cosigning Server

  • Runs the cosigning service and a Lotus node
  • Creates a per-user filecoin wallet address.
  • Integrates with lotus to read balances, send and receive transactions.