Authentication

Proof of Authority as an authentication hierarchy tree. Starting at the 'ROOT' genesis block.

To obtain write privileges to interact with the NxtFi blockchain, each user/entity must generate a key pair using the RSA-PSS specification.

After the key-pair generation process is successful, according to the Proof-of-Authority mechanism, every PubKey needs to be approved by a higher hierarchy authenticated key-pair before it can interact with NxtFi in any way.

Higher hierarchy key-pairs can only grant or revoke permissions, and are like parent elements. However, they will never be able to sign on behalf of other key-pairs.

IMPORTANT: To write new blocks on TestNet blockchain either through playground or directly with the API, an administrator must first register your public key and release the necessary permissions.

Key-pair generation

The generation of a public-private key pair is done as follows in Javascript:

window.crypto.subtle.generateKey(
    {
        name: "RSA-PSS",
        modulusLength: 2048, //can be 1024, 2048, or 4096
        publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
        hash: {name: "SHA-256"}, //can be "SHA-1", "SHA-256", "SHA-384", or "SHA-512"
    },
    false, //whether the key is extractable (i.e. can be used in exportKey)
    ["sign", "verify"] //can be any combination of "sign" and "verify"
)
.then(function(key){
    //returns a keypair object
    console.log(key);
    console.log(key.publicKey);
    console.log(key.privateKey);
})
.catch(function(err){
    console.error(err);
});

Request permission for your key

Currently, authorization for new keys is done manually. Please contact the NxtFi administrator to request the necessary permissions to write new blocks.

PreviousPlayground NextCreate New Block

Last updated 1 year ago