This post is a high-level summary of key setup and transactions in the Webnative Filecoin integration as of phase 2 completion. Please see the Filecoin Phase 2 Write Up for a deeper overview of the technical architecture.
- Users sign into the Filecoin Backup App through the Fission Auth Lobby using the webnative library
- Permission to read/write to
webnative-filecoingenerates the private key for one half of a BLS signature and stores it as
webnative-filecoinsends the corresponding public key to the cosigning server
- When the cosigning server receives a public key from webnative-filecoin, it generates a random private key that it stores alongside the public key sent by the user
webnative-filecoinsends the user to the Fission Auth Lobby to request permission to sign transactions
- In the current implementation, this is hardcoded at 1000 FIL max over one hour of time
private/Keychain/fil-cosigner.jsonand signs a transaction with it
- The user sends the transaction and a UCAN token with permission from the auth lobby to sign to the server.
- The server checks the UCAN for proper permissions: ensuring that the permission has not expired (within 1hr per above) and that the amount of the transaction is within the granted spending limit.
- If proper permissions, the server signs the transaction with their private key, aggregates the signature with the users, and sends the transaction to the Filecoin network
- Runs the cosigning service and a Lotus node
- Creates a per-user filecoin wallet address.
- Integrates with lotus to read balances, send and receive transactions.