Skip to content

Account Service

The Account Service allows you to create and sign in to accounts.

Wallets vs Accounts

Wallets and accounts are related and often interchangeable -- each account has an associated wallet, and operations on a wallet are performed using an account's access token.

Every account has exactly one wallet.

Authentication Tokens

When you create or sign in to an account, the response is an authentication token string.

This string is an encoded form of your account profile, as well as an access key to perform calls using the account.

These are effectively API keys; they should be kept safe and never published.

Sign In

Sign in to an existing account, or create a new one.

If no account details are passed to this method, an anonymous account will be created.

Request for creating or signing into an account

Field Type Description
details AccountDetails Account registration details
invitation_code string Invitation code associated with this registration
ecosystem_id string ID of Ecosystem to sign into. Ignored if invitation_code is passed

Account registration details

Field Type Description
name string Account name
email string Email account
sms string SMS number including country code

trinsic account login --email <PROFILE_EMAIL> --name <PROFILE_NAME>
const allison = (await accountService.signIn()).getProfile();
var myProfile = await myAccountService.SignInAsync(new());
my_profile = await account_service.sign_in()
profile, _, err := accountService.SignIn(context.Background(), &sdk.SignInRequest{})
if !assert2.Nil(err) {
    return
}
var myProfile = accountService.signIn().get();
allison = account_service.sign_in(nil).profile

This operation, if successful, returns an authentication token string.

Protected Authentication Tokens

If you are attempting to login to a non-anonymous account (by specifying an email address or phone number), the authentication token returned will be protected, and cannot be used until it has been unprotected.

Trinsic will have sent a security code to the account's email address or phone number; this security code must be used with the Unprotect call to receive a usable authentication token.

In the future, we will provide an SDK call to determine if an authentication token is protected.

Get Account Info

Returns the account information (name, email address, phone number, etc.) used to create the currently-active account profile.

Note

This call returns the information associated with the authentication token used to create the request; therefore, it is not possible to pass a different authentication token to this call. Otherwise, Trinsic's zero-knowledge proof authentication scheme would be violated.

When using the CLI, this will return information for the account most recently logged in to.

When using the SDK, this will return information for the authentication token stored in the AccountService instance's ServiceOptions.AuthToken field, which will be the account most recently logged in to, unless you have manually set this value yourself.

trinsic account info
const info = await accountService.info();
var output = await myAccountService.GetInfoAsync();
info = await account_service.get_info()
info2, err2 := accountService.GetInfo(context.Background())
var info = accountService.getInfo().get();
info = account_service.get_info()

Information about the account used to make the request

Field Type Description
details AccountDetails The account details associated with the calling request context
ecosystems AccountEcosystem[] Deprecated. Use ecosystem_id instead
wallet_id string The wallet ID associated with this account
device_id string The device ID associated with this account session
ecosystem_id string The ecosystem ID within which this account resides
public_did string The public DID associated with this account. This DID is used as "issuer" when signing verifiable credentials

Protect Account Profile

Protects the specified account profile with a security code. It is not possible to execute this call using the CLI.

Info

In this context, "protection" refers to a cryptographic operation on the authorization token for an account.

Protecting an account profile with code c returns a new access token which is unusable until it is unprotected with the same code c. It is not possible to reverse the protection process without the original protection code.

You will receive a protected account profile from Trinsic if you attempt to sign in to an account via email, SMS, or any other method which requires authentication. Trinsic will send a security code to the email or phone number associated with the account, which can be used to unprotect the account profile.

Specifically, Trinsic is using Oberon to handle access tokens; protection and unprotection is handled using the blinding/unblinding features of Oberon.

const protectedProfile = await accountService.protect(accountProfile, "1234");
var securityCode = "1234";
var myProtectedProfile = AccountService.Protect(myProfile, securityCode);
var myUnprotectedProfile = AccountService.Unprotect(myProtectedProfile, securityCode);
code = b"1234"
my_protected_profile = account_service.protect(
    profile=my_profile, security_code=code
)
with self.assertRaises(Exception) as ve:
    await self.print_get_info(account_service, my_protected_profile)

my_unprotected_profile = account_service.unprotect(
    profile=my_protected_profile, security_code=code
)
securityCode := "1234"
protectedProfile, err := accountService.Protect(profile, securityCode)
if !assert2.Nil(err) {
    return
}
unprotectedProfile, err := accountService.Unprotect(protectedProfile, securityCode)
if !assert2.Nil(err) {
    return
}
var code = "1234";
var myProtectedProfile = AccountService.protect(myProfile, code);
var myUnprotectedProfile = AccountService.unprotect(myProtectedProfile, code);
protected_profile = account_service.protect(account_profile, '1234')

Unprotect Account Profile

Unprotects the specified account profile using the given code. It is not possible to execute this call using the CLI.

The profile must have been previously protected using the same code that is being used to unprotect it. Profiles can be protected using any arbitrary code via the Protect method.

Most commonly, this method is used on a protected profile received from the Sign In method. The code to unprotect it will have been sent to the account owner via email or SMS.

const accountProfile = await accountService.unprotect(protectedProfile, "1234");
var securityCode = "1234";
var myProtectedProfile = AccountService.Protect(myProfile, securityCode);
var myUnprotectedProfile = AccountService.Unprotect(myProtectedProfile, securityCode);
code = b"1234"
my_protected_profile = account_service.protect(
    profile=my_profile, security_code=code
)
with self.assertRaises(Exception) as ve:
    await self.print_get_info(account_service, my_protected_profile)

my_unprotected_profile = account_service.unprotect(
    profile=my_protected_profile, security_code=code
)
securityCode := "1234"
protectedProfile, err := accountService.Protect(profile, securityCode)
if !assert2.Nil(err) {
    return
}
unprotectedProfile, err := accountService.Unprotect(protectedProfile, securityCode)
if !assert2.Nil(err) {
    return
}
var code = "1234";
var myProtectedProfile = AccountService.protect(myProfile, code);
var myUnprotectedProfile = AccountService.unprotect(myProtectedProfile, code);
account_profile = account_service.unprotect(protected_profile, '1234')