Unveiling the Magic of LIT Network: Decoding Programmable Key Pairs for the Digital Age
Understanding PKP
PKP stands for Programmable Key Pairs. Imagine a key that’s smart and safe. With PKP, technology gets a big boost, especially in the online blockchain world. Dive in and discover the amazing things PKP can do for you!.
The Magic of Programmability
Then what is Programmable?
Think of your computer as a helpful friend that follows your instructions. Just like how we write programs to make things easier for us, Programmable PKPs are like tech wizards that do stuff automatically. Imagine a world where things happen like magic — that’s the secret these PKPs hold. Keep reading to unveil their enchanting capabilities! 🪄
Delving into Cryptography
As from the name, you can get an idea that it is something about key pairs. PKP is built on a special thing called a cryptographic key pair. Here’s the simple scoop:
- There are two keys: Public (for everyone) and Private (just for you).
- The Public key locks or confirms stuff, while the Private key unlocks or approves it. Easy, right?
- Public key is used for encryption and verification.
- Private key is used for decryption and signing.
Understanding Encryption & Decryption
Encryption is the process of converting plaintext into ciphertext(gibberish) to protect data.
Decryption reverses this process to retrieve the original plaintext from the ciphertext(gibberish text).
Verification & Signing
signing involves creating a digital signature using a private key to ensure data integrity and origin.
Verification confirms the authenticity of a digital signature
A Deeper Look into Programmable Key Pairs
Let’s move towards the main point which is Programmable Key Pairs (PKP). Unlike traditional public-private key pairs, PKPs have an additional layer of programmability, enabling developers to dynamically control and manage access to resources. Each Programmable Key Pair (PKP) is a versatile Multi-Party Computation (MPC) wallet that can be used to power a wide array of potential applications and use cases.
Wait, Wait, Wait! What is this term Multi-Party Computation(MPC)?
The shortest, simplest definition of MPC Is:
MPC, which stands for Multi-Party Computation, is like a teamwork magic trick. It lets different people work together to solve a puzzle using their secret information, without telling each other what their secrets are.
Technical definition: Multi-party computation (MPC) is a method that enables multiple parties to collaboratively compute a function using a set of private inputs, while keeping those inputs secret.
For now, just keep that in mind.
Every PKP is a flexible MPC wallet, ready to fuel various applications and uses.
MPC Wallet
An MPC (Multi-Party Computation) wallet is a highly secure cryptocurrency wallet that uses multiple participants’ inputs to create transactions, enhancing privacy and protection against single points of failure. Furthermore, the two-thirds majority voting mechanism ensures consensus and reduces vulnerability, making transactions even more trustworthy.
Introducing LIT Network
LIT network is basically a decentralized Key management system.
Key Management System
A key management system is a framework for generating, storing, distributing, and revoking cryptographic keys used for securing data and communication. Now LIT does the same thing but it is a bit advanced and enhanced network. Let’s explore it first and then let’s move to its use cases.
How LIT PKP Works
As said, It is a decentralized network, so nobody has the whole private key except the authorized one. All the nodes in the LIT network have a piece of the key but it is of no use to anyone. So when a user requires the private key, then two-thirds of the majority votes and then combining all their pieces make the full key. This makes it super hard for anyone to mess with your stuff or stop you from using it. Don’t get the concept. Relax, We are here. Let’s take an example.
In the LIT NETWORK, Each node only holds a piece, like a jigsaw puzzle. To make the full key work, these puzzle pieces have to come together, kind of like superheroes joining forces. Remember Avengers? This special key isn’t just for show — it’s used for important tasks, like sharing some critical data by signing the data. Sharing an NFT to some other user, etc. This phenomenon of combining all pieces of nodes to make a great product, which is in our case: Private key, is called Distributed Key Generation.
Note: The nodes that provide us with the piece of our jigsaw puzzle get their reward in terms of Lit protocol tokens.
Unlocking the Magic of Lit: Meet Programmable Hero
Let’s unravel the coolness that Lit brings to the table. We’re talking about super-smart wallets called “Programmable Key Pairs” (PKPs) that do more than just keep your stuff safe.
You can use script and code to automatically do things using LIT PKP. Ready to put your code to work? LIT PKP is here to be your digital assistant! With the power of programming, you can make things happen automatically.
Imagine giving your computer a set of instructions, like a recipe for it to follow. LIT PKP turns those instructions into actions. It’s like having a helper that follows your coding commands.
Want to send messages, shuffle data, or even do trading tricks? Your code and LIT PKP make it possible, creating a world of automated wonders. So, gear up your scripts and get ready to let the magic unfold!
Minting Programmable Key Pair (PKP)
Get ready to unlock the secrets of PKPs — Programmable Key Pairs. We’ve got a variety of cool ways to mint your own PKP and take control of your digital world.
Mint via Contracts:
- Lit has a custom EVM rollup testnet called Chronicle, You can mint an NFT from our PKP contract on Chronicle.
Mint via Social:
- You can mint a PKP by presenting a valid OAuth token as an authentication method to the Lit Relay server. At the time of this article, only Google OAuth tokens are supported however there are plans in place to support Discord soon.
Mint via Email/SMS (OTP):
- You can mint a PKP by presenting a generated token from successful OTP code confirmation, which will be returned by the lit-auth-client in the AuthMethod return from successful code confirmation.
Mint via WebAuthn:
You can mint a PKP by presenting a valid WebAuthn credential generated by your browser to the Lit Relay server.
There is a frontend developed by the people at Lit protocol that helps with this process, you can check it out hereIt currently supports both username-based and username-less WebAuthn registration, usernames are purely used for your convenience/reference on the client side.
Authentication Process
- When you call a Lit Action, you may pass Auth Methods that should be resolved. These could be things like a WebAuthn (Apple Passkey) signature, or an OAuth token from a service like Discord or Google. An authentication method refers to the specific credential (i.e. a wallet address, Google OAuth, or Discord account) that is programmatically tied to the PKP and used to control the underlying key pair. Only the auth method associated with a particular PKP can combine the underlying shares. You can read more about how authentication works here
There are currently two main ways to do auth with Lit Actions.
- Using Lit Auth Directly:
- Several auth methods are supported by Lit directly. These include methods configured using the PKPPermissions contract, the user holding the PKP NFT, or assigned via a Lit Action with permission to sign using the PKP. If you use Lit auth directly, you are limited to the auth methods that are supported by Lit. Existing supported lit-auth methods are: An address, An action, web authentication, Discord, OTP, Google and Google_JWT.
- Custom Auth:
- If you would like further customization over your PKP auth methods, you can do auth yourself with a Lit Action, using the auth helpers provided in the documentation In this scenario, after you give your Lit Action permission to use the PKP, the typical flow is to burn the PKP NFT or send it to itself.
However, it is imperative to understand that if you do decide to burn the PKP, you will be unable to add additional auth methods in the future. If you go this route, your auth looks like a bunch of if statements inside the Lit Action.
- Verification:
- The system verifies the authenticity of the public key against the corresponding private key stored securely.
- Access Control:
With access control, you can introduce private and permissioned data to the open web using decentralized encryption. Using Lit actions and PKPs you can provide decryption “keys” to users based on on-chain conditions, such as ownership over a specific NFT or membership within a DAO.
If you’re blockchain elite you understand how much of a big deal this is. This is a game changer in the context of backend web3 programming as lit actions in conjunction with a web3 storage service e.g. ceramic can decentralize backend services at scale.
For example, Lit Actions + PKPs + web3 storage can be a replacement for a traditional web2 backend. Consider a web3-based Twitter alternative that utilizes Ceramic as its data storage solution. By creating a PKP associated with a Ceramic stream and granting specific Lit Actions the capability to sign with that PKP, you can emulate the functionality of a web2 backend. The Lit Actions can enforce business logic to ensure that only accurate data is written to the Ceramic stream.
A quoteTweet() Lit Action could verify whether a user has already quoted a tweet before allowing the quote tweet to be recorded in the stream
Lit Network Use Cases
Use cases
The LIT network isn’t just for flashy magic — it has some seriously cool use cases!
- Secure Communication:
- PKPs master the art of encryption and decryption, ensuring your communication remains hidden from prying eyes. They safeguard your messages, allowing only the intended recipient to unveil their secrets.
2. Identity Access Management:
- PKPs become the gatekeepers of identity through digital Certificates and the prowess of SSH & TLS. With Digital Certificates, identities are bound to public keys, creating an invisible seal of authenticity. SSH & TLS take the stage, using private keys to authenticate like a secret handshake, granting access only to the rightful owner.
3. Multi-Factor Authentication:
- Ever wanted a spell to protect your digital treasures? PKPs play a vital role in Multi-Factor Authentication (MFA). With on-chain credentials, PKPs help fortify access to your beloved web2 applications and data. In the realm of 2FA, PKPs act as the second factor, doubling down on security and ensuring only the true bearer can enter the digital kingdom.
4. DEFI Automation
Meet your digital buddy, LIT ACTION. It’s like a set of smart instructions, and it’s kept super safe. Imagine you’re an artist, and you tell your brush what to do. LIT ACTION does the same, but for trading! It can help shuffle around your digital money to keep things balanced, kind of like a DJ mixing music to keep the party going.
Now, picture this: You set some rules like “When my money goes too much in one direction, move it around.” LIT ACTION listens to your rules and makes the moves for you. And guess what? You don’t need to worry about signing in with complicated keys. PKPs make it easy. It’s like having a special key that unlocks your trading moves effortlessly.
4. Web3 Social Apps
- Imagine social apps that put your data in your hands, web3 logins that safeguard your privacy, and even web2 methods like Apple Passkey in the mix. Plus, you can now build your reputation on-chain for true trust in the digital world. 🌐🔒🌟
5. PKP as Wallets
- PC wallets that bring ease to onboarding, no private key worries. 🪄🔒
Quick Start Guide for Developers:
PKPs and dApps: A Seamless Connection. Unveil the magic of PKPs in the realm of decentralized apps (dApps) using the Lit Protocol and WalletConnect V2:
Powerful Link-Up:
Combine PKPs with dApps through WalletConnect V2 to unlock a world of possibilities. Safely communicate between wallets and dApps using QR codes and deep linking. With PKPs, you can engage with dApps without exposing private keys.
Simple Steps to Connect:
Create a PKPClient to represent your PKP.
Initialize PKPWalletConnect with your PKPClient.
Subscribe and respond to session proposals and requests.
1. Create a PKPClient
PKPClient represents a PKP and initializes signers for use across multiple blockchains (note: EVM-only at the moment).
import { PKPClient } from '@lit-protocol/pkp-client';
const pkpClient = new PKPClient({
controllerAuthSig: '<Your AuthSig>',
// Or you can also pass in controllerSessionSigs
pkpPubKey: '<Your PKP public key>',
});
await pkpClient.connect();
The controllerAuthSig (or controllerSessionSigs) is used to authorize requests to the Lit nodes. To learn how to leverage different authentication methods, refer to the Authentication section.
To view more constructor options, refer to the API docs.
2. Initialize PKPWalletConnect with the PKPClient
PKPWalletConnect wraps @walletconnect/web3wallet to manage WalletConnect session proposals and requests using the given PKPClient.
import { PKPWalletConnect } from '@lit-protocol/pkp-walletconnect';
const config = {
projectId: '<Your WalletConnect project ID>',
metadata: {
name: 'Test Lit Wallet',
description: 'Test Lit Wallet',
url: 'https://litprotocol.com/',
icons: ['https://litprotocol.com/favicon.png'],
},
};
const wcClient = new PKPWalletConnect();
await wcClient.initWalletConnect(config);
wcClient.addPKPClient(pkpWallet)
3. Subscribe and respond to events
… Session Proposal …
Once the WalletConnect client is initialized, the PKP is ready to connect to dApps. The dApp will request to connect to your PKP through a session proposal. To respond to session proposals, subscribe to the session_proposal event.
pkpWalletConnect.on('session_proposal', async (proposal) => {
console.log('Received session proposal: ', proposal);
// Accept session proposal
await pkpWalletConnect.approveSessionProposal(proposal);
// Log active sessions
const sessions = Object.values(pkpWalletConnect.getActiveSessions());
for (const session of sessions) {
const { name, url } = session.peer.metadata;
console.log(`Active Session: ${name} (${url})`);
}
});
To trigger the session proposal, visit any WalletConnect V2 compatible dApp to obtain an URI. For an example, navigate to WalletConnect’s test dApp, choose ‘Ethereum’ network, and click “Connect”. A “Connect wallet” modal should appear with a copy icon located at the top right. Click on the icon to copy the URI.
// Pair using the given URI
await pkpWalletConnect.pair({ uri: uri });
4. Session Request
Once the session proposal is approved, the dApp can then request your PKP to perform actions, such as signing, via a session request. To acknowledge and respond to these session requests, set up an event listener for the session_request event.
pkpWalletConnect.on('session_request', async (requestEvent) => {
console.log('Received session request: ', requestEvent);
const { topic, params } = requestEvent;
const { request } = params;
const requestSession = signClient.session.get(topic);
const { name, url } = requestSession.peer.metadata;
// Accept session request
console.log(
`\nApproving ${request.method} request for session ${name} (${url})…\n`
);
await pkpWalletConnect.approveSessionRequest(requestEvent);
console.log(
`Check the ${name} dapp to confirm whether the request was approved`
);
});
5. Using SignClient
The @lit-protocol/pkp-walletconnect library exposes base functionality needed to pair PKPs to dApps, approve and reject session proposals, and respond to session requests. For extended capabilities, you can retrieve WalletConnect’s SignClient from the PKPWalletConnect instance.
const signClient = pkpWalletConnect.getSignClient();
For more information on their protocol and SDKs you can refer to the WalletConnect V2 docs
In essence, the Lit Network provides decentralized and programmable cryptographic solutions that help in crafting a secure, private, and programmable future.