We are using core kit to handle our auth flow. Everything is working.
We are now working on session management and found that we can use metadata storage in order to store the postboxkey. This key can be used as a share to reconnect to the wallet, everything is ok.
But we would like to understand well what this key really is.
It’s not the wallet private key, nor is it the key used to encrypt & store the session; it’s given when the wallet is connected, but what is it really?
So basically, the postbox key is completely different from the final private key.
Assuming that you are using MFA Flow at TKey Core kit.
You know that the user needs a threshold of 2 out of n key shares to access their private key.
The postbox key is just an input value used to get the service provider share.
So simply, input → postbox key, output → service provider Share (aka Share A)
and final private key → reconstructed result of 2 out of n shares (can be Share A, Share B, etc)
You can refer to this link for more details.
Thanks, pepper
Ok, so we can say that it is a representation of Share A; it only describes the fact that the user was connected using Share A, and so allows the metadata interactions. Thanks.
One more question: is it possible to handle session validity?
We know that we can ask the session to be valid for a given amount of time.
If the user closes his browser and comes back, we are able to reconnect him with this key & another share, it’s ok.
But will the session time that we gave on first connect be increased? Should we do it manually? If yes, how?
Is there a parameter or something? Or should we destroy the session and recreate a new one each time a user reconnects?
We don’t want users to be disconnected after the initial time if they use our service constantly.
Hello @metadefi
For ease of search and to better address future questions, we’re suggesting that you create a new topic when you post a question that is different from your original question.
You can do session management. The idea behind session management is to use a session id which encrypts your private key. This session id can be stored easily in the local storage and have some timeout set in the backend. Encrypted private key sits in the backend.
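The pattern described in the reply above, as an added sketch that is not part of the original thread and is not Web3Auth's own session manager: a random session id encrypts the key, only the ciphertext sits in the backend with a timeout, and each successful resume slides the timeout forward. The in-memory `backend` map, the function names, the HKDF labels and the sliding-renewal policy are all assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Constructed stand-in for the backend store: lookupId -> encrypted record.
const backend = new Map();

// Derive a storage lookup id and an AES key from the session id, so the
// backend can index the record without being able to decrypt it.
function derive(sessionId) {
  const ikm = Buffer.from(sessionId, "hex");
  const out = (info, len) =>
    Buffer.from(crypto.hkdfSync("sha256", ikm, Buffer.alloc(0), info, len));
  return { lookupId: out("lookup", 16).toString("hex"), key: out("enc", 32) };
}

// Encrypt the key under the session id; only the session id goes to local storage.
function createSession(privateKeyHex, ttlMs, now = Date.now()) {
  const sessionId = crypto.randomBytes(32).toString("hex");
  const { lookupId, key } = derive(sessionId);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([cipher.update(privateKeyHex, "utf8"), cipher.final()]);
  backend.set(lookupId, { iv, ct, tag: cipher.getAuthTag(), ttlMs, expiresAt: now + ttlMs });
  return sessionId;
}

// Returns the decrypted key, or null if the session is unknown or expired.
// Each successful resume slides the expiry forward by the original ttl.
function resumeSession(sessionId, now = Date.now()) {
  if (!/^[0-9a-f]{64}$/.test(sessionId)) return null;
  const { lookupId, key } = derive(sessionId);
  const rec = backend.get(lookupId);
  if (!rec) return null;
  if (now >= rec.expiresAt) {
    backend.delete(lookupId); // expired: drop the ciphertext, force a fresh login
    return null;
  }
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, rec.iv);
  decipher.setAuthTag(rec.tag);
  const pt = Buffer.concat([decipher.update(rec.ct), decipher.final()]).toString("utf8");
  rec.expiresAt = now + rec.ttlMs; // sliding renewal
  return pt;
}
```

With sliding renewal an active user is never logged out, so a deployment would normally also enforce an absolute maximum lifetime after which the record is deleted regardless of activity.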