@openfort/openfort-js v0.6.12

Openfort.js Library

The Openfort js library provides convinient access to handle client session keys and return signed messages back to Openfort from applications written in client-side JavaScript.

Installation

npm install @openfort/openfort-js

yarn add @openfort/openfort-js

Usage

With the Openfort Unity SDK, you can sign transaction intents using one of four methods or signers:

const sdk = new Openfort("pk_test_XXXXXXX");

1. Session Signer

The Session Signer allows you to use external signing keys, without needing to provide it every time. Here's how to use it:

• Configure the Session Key: Call configureSessionKey(). This method returns an Ethereum address and a boolean indicating whether you need to register the key from the backend.

const sessionKey = sdk.configureSessionKey();

• Register Key and Send Signature Session Request: If sessionKey.isRegistered boolean is false, register the key from the backend. Refer to the documentation for session management.
• Send Signature Transaction Intent Request: When calling sendSignatureTransactionIntentRequest, pass the transaction intent ID and the user operation hash. The session signer will handle the signing.

2. External Sign

This method allows you to externally sign transaction intents without logging in or additional configurations:

• Call SendSignatureTransactionIntentRequest: Simply pass the transaction intent ID and the signature.

const response = await sdk.sendSignatureTransactionIntentRequest("transactionIntentId", null, "signature");

3. Embedded Signer

The Embedded Signer uses SSS to manage the private key on the client side. To learn more, visit our security documentation.

• Login and Configure the Embedded Signer: First, ensure the user is logged in, using LoginWithEmailPassword, AuthenticateWithOAuth or if not registred SignUpWithEmailPassword. Then call ConfigureEmbeddedSigner. If a MissingRecoveryMethod exception is thrown, it indicates there's no share on the device and you have to call ConfigureEmbeddedRecovery to provide a recovery method.

try {
    await sdk.loginWithEmailPassword("email", "password");
    sdk.configureEmbeddedSigner(chainId);
} catch (e) {
    if (e instanceof MissingRecoveryMethod) {
        await sdk.configureEmbeddedSignerRecovery(new PasswordRecovery("password"));
    }
}

For now the only recovery method available is the PasswordRecovery method.

• Send Signature Transaction Intent Request: Similar to the session signer, pass the transaction intent ID and the user operation hash. The embedded signer reconstructs the key and signs the transaction.

const response = await sdk.sendSignatureTransactionIntentRequest("transactionIntentId", "userOp");

Usage examples

• Next.js application with non-custodial signer
• Next.js application with custodial signer and social login