Account Service¶
The Account Service allows you to create and sign in to accounts.
Wallets vs Accounts
Wallets and accounts are related and often interchangeable -- each account has an associated wallet, and operations on a wallet are performed using an account's access token.
Every account has exactly one wallet.
Authentication Tokens
When you create or sign in to an account, the response is an authentication token string.
This string is an encoded form of your account profile, as well as an access key to perform calls using the account.
These are effectively API keys; they should be kept safe and never published.
Sign In¶
Sign in to an existing account, or create a new one.
If no account details are passed to this method, an anonymous account will be created.
Request for creating or signing into an account
| Field | Type | Description |
|---|---|---|
| details | AccountDetails | Account registration details |
| invitation_code | string | Invitation code associated with this registration |
| ecosystem_id | string | ID of Ecosystem to sign into. Ignored if invitation_code is passed |
trinsic account login --email <PROFILE_EMAIL> --name <PROFILE_NAME>
const allison = (await accountService.signIn()).getProfile();
var myProfile = await myAccountService.SignInAsync(new());
my_profile = await account_service.sign_in()
profile, _, err := accountService.SignIn(context.Background(), &sdk.SignInRequest{})
if !assert2.Nil(err) {
return
}
var myProfile = accountService.signIn().get();
allison = account_service.sign_in(nil).profile
This operation, if successful, returns an authentication token string.
Protected Authentication Tokens
If you are attempting to login to a non-anonymous account (by specifying an email address or phone number), the authentication token returned will be protected, and cannot be used until it has been unprotected.
Trinsic will have sent a security code to the account's email address or phone number; this security code must be used with the Unprotect call to receive a usable authentication token.
In the future, we will provide an SDK call to determine if an authentication token is protected.
Get Account Info¶
Returns the account information (name, email address, phone number, etc.) used to create the currently-active account profile.
Note
This call returns the information associated with the authentication token used to create the request; therefore, it is not possible to pass a different authentication token to this call. Otherwise, Trinsic's zero-knowledge proof authentication scheme would be violated.
When using the CLI, this will return information for the account most recently logged in to.
When using the SDK, this will return information for the authentication token stored in the AccountService instance's ServiceOptions.AuthToken field, which will be the account most recently logged in to, unless you have manually set this value yourself.
trinsic account info
const info = await accountService.info();
var output = await myAccountService.GetInfoAsync();
info = await account_service.get_info()
info2, err2 := accountService.GetInfo(context.Background())
var info = accountService.getInfo().get();
info = account_service.get_info()
Information about the account used to make the request
| Field | Type | Description |
|---|---|---|
| details | AccountDetails | The account details associated with the calling request context |
| ecosystems | AccountEcosystem[] | Deprecated. Use ecosystem_id instead |
| wallet_id | string | The wallet ID associated with this account |
| device_id | string | The device ID associated with this account session |
| ecosystem_id | string | The ecosystem ID within which this account resides |
| public_did | string | The public DID associated with this account. This DID is used as "issuer" when signing verifiable credentials |
Protect Account Profile¶
Protects the specified account profile with a security code. It is not possible to execute this call using the CLI.
Info
In this context, "protection" refers to a cryptographic operation on the authorization token for an account.
Protecting an account profile with code c returns a new access token which is unusable until it is unprotected with the same code c. It is not possible to reverse the protection process without the original protection code.
You will receive a protected account profile from Trinsic if you attempt to sign in to an account via email, SMS, or any other method which requires authentication. Trinsic will send a security code to the email or phone number associated with the account, which can be used to unprotect the account profile.
Specifically, Trinsic is using Oberon to handle access tokens; protection and unprotection is handled using the blinding/unblinding features of Oberon.
const protectedProfile = await accountService.protect(accountProfile, "1234");
var securityCode = "1234";
var myProtectedProfile = AccountService.Protect(myProfile, securityCode);
var myUnprotectedProfile = AccountService.Unprotect(myProtectedProfile, securityCode);
code = b"1234"
my_protected_profile = account_service.protect(
profile=my_profile, security_code=code
)
with self.assertRaises(Exception) as ve:
await self.print_get_info(account_service, my_protected_profile)
my_unprotected_profile = account_service.unprotect(
profile=my_protected_profile, security_code=code
)
securityCode := "1234"
protectedProfile, err := accountService.Protect(profile, securityCode)
if !assert2.Nil(err) {
return
}
unprotectedProfile, err := accountService.Unprotect(protectedProfile, securityCode)
if !assert2.Nil(err) {
return
}
var code = "1234";
var myProtectedProfile = AccountService.protect(myProfile, code);
var myUnprotectedProfile = AccountService.unprotect(myProtectedProfile, code);
protected_profile = account_service.protect(account_profile, '1234')
Unprotect Account Profile¶
Unprotects the specified account profile using the given code. It is not possible to execute this call using the CLI.
The profile must have been previously protected using the same code that is being used to unprotect it. Profiles can be protected using any arbitrary code via the Protect method.
Most commonly, this method is used on a protected profile received from the Sign In method. The code to unprotect it will have been sent to the account owner via email or SMS.
const accountProfile = await accountService.unprotect(protectedProfile, "1234");
var securityCode = "1234";
var myProtectedProfile = AccountService.Protect(myProfile, securityCode);
var myUnprotectedProfile = AccountService.Unprotect(myProtectedProfile, securityCode);
code = b"1234"
my_protected_profile = account_service.protect(
profile=my_profile, security_code=code
)
with self.assertRaises(Exception) as ve:
await self.print_get_info(account_service, my_protected_profile)
my_unprotected_profile = account_service.unprotect(
profile=my_protected_profile, security_code=code
)
securityCode := "1234"
protectedProfile, err := accountService.Protect(profile, securityCode)
if !assert2.Nil(err) {
return
}
unprotectedProfile, err := accountService.Unprotect(protectedProfile, securityCode)
if !assert2.Nil(err) {
return
}
var code = "1234";
var myProtectedProfile = AccountService.protect(myProfile, code);
var myUnprotectedProfile = AccountService.unprotect(myProtectedProfile, code);
account_profile = account_service.unprotect(protected_profile, '1234')