Clarification on tkey-example

I am trying tkey by referencing tkey-example

Am I correct on the following statements?

  1. First step to call triggerLogin() is to use the 1st share (social identity)
  2. inputShareFromWebStorage() can help to use a 2nd share (device)
  3. inputShareFromSecurityQuestions() can help to use a 3rd share (password)
  4. I can use generateNewShareWithSecurityQuestions() to set a 2nd share (password)
  5. With any of the above 2 shares, I can call reconstructKey() (i.e. 1+2 or 1+3 or 2+3)
  6. If I reconstruct my key using 1+3 and would like to sync the wallet to 1+2, I have to delete the old device share and create the device share again.

Questions:

  • What do resp.publicAddress and resp.privateKey mean below when I haven’t reconstructed my private key? I can get a different public address from reconstructKey()
    const tKey = new ThresholdKey( ... );
    const provider = tKey.serviceProvider as TorusServiceProvider;
    await provider.init({ skipSw: true });
    const resp = await provider.triggerLogin( ... );
    
  • What do tKey.initialize() and tKey._initializeNewKey() actually do and when should I run them? Can I run it just once but before triggerLogin()?
    const tKey = new ThresholdKey( ... );
    const provider = tKey.serviceProvider as TorusServiceProvider;
    await provider.init({ skipSw: true });
    await provider.triggerLogin( ... );
    await tKey.initialize();
    return await tKey._initializeNewKey({ initializeModules: true });
    
  • Can I import a private key and override with the one linked to my shares? Or how do I create a new wallet from my shares?

Thanks in advance!

For statements 1-5:
They are correct.

For statement 6:
Yes. Once you log in on a new device, you will need to generate a new share for the device and save it on the device. You could keep the old device share if you want.
There is a module (web-storage) which helps tkey generate the share and save it in localStorage for a web application, if you use that. Check out the web storage module.

  • Actually, all shares are private keys in nature.
    As for the provider’s private key, it was meant to be a pointer, which you will get once you log in to the provider, to retrieve Share A.

  • _initializeNewKey is a private function. You should not run it.
    It is called by initialize() during the first login.
    Calling the function would generate a new tkey instead of reconstructing the same tkey.

  • While it is possible, it is not recommended to override with an existing share. You can, however, import a private key and generate new shares from tkey.

2 Likes
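
The 2-of-3 behaviour confirmed in the reply above (statements 5 and 6), modelled as an added JavaScript example that is not from the thread or the tKey library. It assumes plain Shamir sharing over the secp256k1 group order; `split`, `interpolate`, `reconstruct`, `newShare` and the sample values are hypothetical.

```javascript
// Added illustration, not tKey library code: 2-of-3 Shamir secret sharing.
// Field: integers modulo the secp256k1 group order (a public prime constant).
const N = BigInt("0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141");
const mod = (a) => ((a % N) + N) % N;

// Modular inverse by Fermat's little theorem: a^(N-2) mod N.
function inv(a) {
  let result = 1n, base = mod(a);
  for (let e = N - 2n; e > 0n; e >>= 1n) {
    if (e & 1n) result = mod(result * base);
    base = mod(base * base);
  }
  return result;
}

// Threshold 2 means a degree-1 polynomial f(x) = key + a1*x.
// a1 must be a fresh secret scalar from a CSPRNG; the caller supplies it here.
function split(key, a1, indexes = [1n, 2n, 3n]) {
  return indexes.map((x) => ({ x, y: mod(key + a1 * x) }));
}

// Lagrange interpolation: evaluate the polynomial fixed by `shares` at `at`.
function interpolate(shares, at) {
  let acc = 0n;
  for (const { x: xi, y: yi } of shares) {
    let coeff = 1n;
    for (const { x: xj } of shares) {
      if (xj !== xi) coeff = mod(coeff * mod(at - xj) * inv(xi - xj));
    }
    acc = mod(acc + yi * coeff);
  }
  return acc;
}

// f(0) is the key; any two distinct shares determine it.
const reconstruct = (shares) => interpolate(shares, 0n);

// A share for a new device is one more point on the same line,
// so shares issued earlier stay valid (statement 6).
const newShare = (shares, x) => ({ x, y: interpolate(shares, x) });

// Constructed sample values (not real key material).
const KEY = BigInt("0x1f2e3d4c5b6a79881f2e3d4c5b6a79881f2e3d4c5b6a79881f2e3d4c5b6a7988");
const A1 = BigInt("0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef");
const [social, device, password] = split(KEY, A1);
console.log("1+3 recovers the key:", reconstruct([social, password]) === KEY);
console.log("1 alone recovers the key:", reconstruct([social]) === KEY);
```

A share taken from a freshly generated polynomial does not combine with the old shares, which is why generating a new key is not a substitute for reconstructing the existing one.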

Thank you @cherngwoei !

  1. To get the actual private key & wallet address, am I correct on the following approach?

    // Initialization
    const tKey = new ThresholdKey( ... );
    const provider = tKey.serviceProvider as TorusServiceProvider;
    await provider.init({ skipSw: true });
    
    // Login and set the 1st share
    const resp = await provider.triggerLogin( ... );
    await this.tKey.initialize();
    // There is no use for resp.publicAddress and resp.privateKey
    
    // Set the 2nd share
    const webStorageModule = this.tKey.modules['webStorage'] as WebStorageModule;
    await webStorageModule.inputShareFromWebStorage();
    
    // Reconstruct my wallet
    const result = await this.tKey.reconstructKey();
    
    // My secure wallet
    const wallet = new Wallet(result.privKey.toString('hex'));
    const address = wallet.address;
    const privateKey = wallet.privateKey;
    
  2. I see I can use the private key module. Does it only add a new wallet to my account? How do I remove a wallet?

  3. Does it mean reconstructKey() always returns the main wallet, and I can only retrieve other wallets afterwards?

  1. Yes, it is correct.
  2. The private key module offers a way for users to keep their private keys in tkey.
    It encrypts the private key with tkey and stores it in the storage layer.
  3. Yes, reconstructKey will always return the main wallet, and yes if you use the private key module to store other private keys.
1 Like

Thank you @cherngwoei !

I also have a question about the non-custody

From here, I can learn about where the shares are stored

But I am not sure how the backup share is stored when I use the Security Questions Module. Users only supply a password, so how is the backup share stored?