iframeand transaction approvals occur in a pop-up window.
iframeand opening Identity in a new window via
iframecontext can handle transaction signing and message decryption. The
window.opencontext can handle log in, sign up, log out, and account management. Both
window.opencontexts communicate with the parent via
methodare requests that expect a response.
methodare responses to requests.
iddo not expect a response.
initialize. This message is sent in both
window.opencontexts. A response is required so Identity knows the hostname of the parent window.
accessLevelRequestas a query parameter when opening the Identity window. If no
accessLevelRequestis specified then
ApproveAllis used as the default.
loginmessage is sent. The login message does not expect a response and means the Identity window can be closed by calling
window.closeon the stored reference to the window.open.
publicKeywill be included in
publicKeyAdded. When a user approves a transaction the signed transaction will be included in
usersobjects in its local storage. When an application wants to sign or decrypt something the
encryptedSeedHexvalues will be required.
infomessages which helps Identity support Safari and Chrome on iOS. Apple's Intelligent Tracking Prevention (ITP) places strict limitations on cross-domain data storage and access. This means the Identity
iframemust request storage access every time the page reloads. When a user visits a BitClout application in Safari they will see a "Tap anywhere to unlock your wallet" prompt which is a giant button in the
iframe. When the
hasStorageAccess: false, an application should make the
iframetake over the entire page. Above, this means setting
requestingStorageAccess = true.
infomessage also detects if a user has disabled third party cookies. Third party cookies are required for Identity to securely sign transactions. If
browserSupported: falsean application should inform the user they will not be able to use Identity to sign or decrypt anything.
storageGrantedmessage when a user clicks "Tap anywhere to unlock your wallet." It does not expect a response. When an application receives this message it can hide the
iframefrom view and the
iframeis now ready to receive
window.opento acquire a
jwtmessage creates signed JWT tokens that can be used to verify a user's ownership of a specific public key.