From Session Keys to Session Signatures: Part 1
Imagine you're stepping into the future of digital security, one where signing in with your web3 account paves the way for a new kind of data backpack with keys. Picture this key, as a trusty sidekick, generated from your browser and ready to assume the responsibilities you delegate to it.
This isn't exactly a novel idea. Modern cloud services, like Azure Storage and Amazon S3, use similar systems. But while these services hand over keys for specific tasks on specific resources (like giving a friend a key to only your front door), session keys are like granting someone the keys to your car, your office, and your gym locker, all at once, but only allowing them to start the car, open the office fridge, and grab your gym towel, respectively. In other words, session keys can oversee multiple operations across many resources, but they only do what you explicitly allow.
Working off the ideas of Spruce and Ceramic, at Lit we’re creating a system that is SIWE ReCap compliant in order to immediately interoperable with all other systems that also adopt this standard.
We refer to a session signature obtained from the user via session keys as a SessionSig
. It's like logging into a service with cookie-based authentication, allowing users to write and read from their storage without the need for constant permission checks. And, should your session key fall into the wrong hands, it's not a disaster. The harm a cyber burglar could cause is limited and the key can quickly be deactivated. It's a big leap forward in the intersection of security and convenience.
Welcome to the future of digital security, made simple.
What are Session Keys?
A session key is a unique string of data that is generated during a specific online session between two or more entities. This key acts as a protective layer of identity verification, ensuring that the data exchange in a given session is secured from external threats.
A session key operates by taking certain unique factors about a specific session, such as the time, date, and other session-specific details, and then uses these details to generate a signature.
Why are Session Keys Important?
Session signatures offer several essential benefits in terms of digital security:
Mitigate Replay Attacks
Protect against the node from running a replay attack on the user.
Lit prevents against nodes doing a replay attack is by including a nodeAddress
parameter in the session signature payload. A node can’t simply take a signature and authenticate against other nodes.
Scoped Capabilities
Another important thing to highlight is that session signatures (are intended to) have extremely narrow capabilities, such that if they ever get stolen, the attacker would have a very limited ability to operate on the owner’s resources.
Data Integrity
Session keys also serve to maintain data integrity by ensuring that the transmitted data has not been tampered with during the course of transmission. If any changes are made to the data, the session signature will also change, alerting the entities involved about potential data tampering.
Non-Repudiation
In digital communication, non-repudiation refers to the ability to ensure that a party to a transaction or communication cannot deny the authenticity of their signature. Session keys provide this non-repudiation because they are unique to the specific entities and session involved.
Applications of Session Keys
Session signatures have a wide array of applications:
Enhancing a user's Ethereum session during Sign-In by utilizing a user's personal datastore or identity hub.
- Integrating a user's personal photo album stored in their identity hub to display personalized profile pictures or accessing their personal calendar to provide reminders and notifications.
- Integrating a user's identity hub to access their location history and provide location-based services or recommendations during the session.
- Enhancing the Sign-In process by utilizing a user's identity hub to verify their age, allowing access to age-restricted content or services.
Facilitating the creation of exportable social media graphs through the issuance and management of Verifiable Credentials by users.
This enables users to securely share their social media connections and interactions.
- Allowing users to generate Verifiable Credentials for their social media profiles, including information such as follower counts, engagement metrics, and verified badges, which can be shared with potential collaborators or employers.
Seamless UX
- Set pre-approved conditions (time periods or allowlisted dApps) to automate transactions without leaving a gaming environment.
Applications with Lit
Letting A User Use Your Rate Limit Increase (RLI) NFT
- Alice owns a Rate Limit Increase NFT and wants to let Bob use it, but only for specific Lit Actions or another resource or set of resources that she owns.
Alice can create a session capability object that specifies the ability to Authenticate with an RLI NFT as well as request for Threshold Execution against a particular Lit Action IPFS CID(s). Alice then signs and issues these capabilities to Bob.
Bob can generate anAuthSig
by delegating equal rights to Bob's session keys, and attaching the capabilities granted to him by Alice as a proof in the session object. Bob can subsequently generate aSessionSig
that requests for Alice's RLI NFT and Lit Action IPFS CID in theresourceAbilityRequests
.
Letting A User Use Your Programmable Key Pair (PKP) For A Specific Lit Action
- Alice owns a PKP and Bob wants use it with a specific Lit Action that he has not authorized yet. He could use the smart contract and
addPermittedAction()
, run the function, thenremovePermittedAction()
function, but would prefer not to spend the gas and wait for blocks etc.
Alice can create a session capability object that specifies the ability to perform Threshold Execution with a PKP NFT. Alice then signs and issues this capability to Bob.
Bob can generate anAuthSig
by delegating equal rights to Bob's session keys, and attaching the capabilities granted to him by Alice as a proof in the session capability object. Bob can subsequently generate aSessionSig
that requests for Alice's PKP NFT as well as Bob's Lit Action IPFS CID in theresourceAbilityRequests
.
Example Alternative to Session Keys:
The dispatcher is an intermediate wallet with funds that act as the signer for every transaction. Delegate signing privileges to the dispatcher wallet which operates in the backend.
The dispatcher signing only works for post, comment, mirror, set profile metadata and set profile image. And only within the Lens environment!
All capabilities possible with session keys, in a different model and custom to Lens.
Stay tuned for part 2, where we'll dive deeper into the technical side of using session signatures with Lit.
Thanks to Howard Tam for the examples and review.