Lit Actions SDK

Need help reading this?

Welcome

Welcome to the Lit Actions SDK Docs. These functions can be used inside a Lit Action. You should prefix each function with "Lit.Actions." so to call "isPermittedAction()" you should do "Lit.Actions.isPermittedAction()" To understand how these functions fit together, please view the documentation for this SDK, located at https://developer.litprotocol.com/

Signing

signEcdsa

Ask the Lit Node to sign any data using the ECDSA Algorithm with it's private key share. The resulting signature share will be returned to the Lit JS SDK which will automatically combine the shares and give you the full signature to use.

signEcdsa(params: Object): string
Parameters
params (Object)
Name Description
params.toSign Uint8Array The data to sign. Should be an array of 8-bit integers.
params.publicKey string The public key of the PKP you wish to sign with
params.sigName string You can put any string here. This is used to identify the signature in the response by the Lit JS SDK. This is useful if you are signing multiple messages at once. When you get the final signature out, it will be in an object with this signature name as the key.
Returns
string: This function will return the string "success" if it works. The signature share is returned behind the scenes to the Lit JS SDK which will automatically combine the shares and give you the full signature to use.

ethPersonalSignMessageEcdsa

Ask the Lit Node to sign a message using the eth_personalSign algorithm. The resulting signature share will be returned to the Lit JS SDK which will automatically combine the shares and give you the full signature to use.

ethPersonalSignMessageEcdsa(params: Object): string
Parameters
params (Object)
Name Description
params.message string The message to sign. Should be a string.
params.publicKey string The public key of the PKP you wish to sign with
params.sigName string You can put any string here. This is used to identify the signature in the response by the Lit JS SDK. This is useful if you are signing multiple messages at once. When you get the final signature out, it will be in an object with this signature name as the key.
Returns
string: This function will return the string "success" if it works. The signature share is returned behind the scenes to the Lit JS SDK which will automatically combine the shares and give you the full signature to use.

Checking Permissions

isPermittedAction

Check if a given IPFS ID is permitted to sign using a given PKP tokenId

isPermittedAction(params: Object): boolean
Parameters
params (Object)
Name Description
params.tokenId string The tokenId to check
params.ipfsId string The IPFS ID of some JS code (a lit action)
Returns
boolean: A boolean indicating whether the IPFS ID is permitted to sign using the PKP tokenId

isPermittedAddress

Check if a given wallet address is permitted to sign using a given PKP tokenId

isPermittedAddress(params: Object): boolean
Parameters
params (Object)
Name Description
params.tokenId string The tokenId to check
params.address string The wallet address to check
Returns
boolean: A boolean indicating whether the wallet address is permitted to sign using the PKP tokenId

isPermittedAuthMethod

Check if a given auth method is permitted to sign using a given PKP tokenId

isPermittedAuthMethod(params: Object): boolean
Parameters
params (Object)
Name Description
params.tokenId string The tokenId to check
params.authMethodType number The auth method type. This is an integer. This mapping shows the initial set but this set may be expanded over time without updating this contract: https://github.com/LIT-Protocol/LitNodeContracts/blob/main/contracts/PKPPermissions.sol#L25
params.userId Uint8Array The id of the auth method to check expressed as an array of unsigned 8-bit integers (a Uint8Array)
Returns
boolean: A boolean indicating whether the auth method is permitted to sign using the PKP tokenId

getPermittedActions

Get the full list of actions that are permitted to sign using a given PKP tokenId

getPermittedActions(params: Object): Array<string>
Parameters
params (Object)
Name Description
params.tokenId string The tokenId to check
Returns
Array<string>: An array of IPFS IDs of lit actions that are permitted to sign using the PKP tokenId

getPermittedAddresses

Get the full list of addresses that are permitted to sign using a given PKP tokenId

getPermittedAddresses(params: Object): Array<string>
Parameters
params (Object)
Name Description
params.tokenId string The tokenId to check
Returns
Array<string>: An array of addresses that are permitted to sign using the PKP tokenId

getPermittedAuthMethods

Get the full list of auth methods that are permitted to sign using a given PKP tokenId

getPermittedAuthMethods(params: Object): Array<Object>
Parameters
params (Object)
Name Description
params.tokenId string The tokenId to check
Returns
Array<Object>: An array of auth methods that are permitted to sign using the PKP tokenId. Each auth method is an object with the following properties: auth_method_type, id, and user_pubkey (used for web authn, this is the pubkey of the user's authentication keypair)

Utilities

checkConditions

Checks a condition using the Lit condition checking engine. This is the same engine that powers our Access Control product. You can use this to check any condition that you can express in our condition language. This is a powerful tool that allows you to build complex conditions that can be checked in a decentralized way. Visit https://developer.litprotocol.com and click on the "Access Control" section to learn more.

checkConditions(params: Object): boolean
Parameters
params (Object)
Name Description
params.conditions Array<Object> An array of access control condition objects
params.authSig Object The AuthSig to use for the condition check. For example, if you were checking for NFT ownership, this AuthSig would be the signature from the NFT owner's wallet.
params.chain string The chain this AuthSig comes from
Returns
boolean: A boolean indicating whether the condition check passed or failed

setResponse

Set the response returned to the client

setResponse(params: Object)
Parameters
params (Object)
Name Description
params.response string The response to send to the client. You can put any string here, like you could use JSON.stringify on a JS object and send it here.

call

Call a child Lit Action

call(params: Object): string
Parameters
params (Object)
Name Description
params.ipfsId string The IPFS ID of the Lit Action to call
params.params Object The parameters to pass to the child Lit Action
Returns
string: The response from the child Lit Action. Note that any signatures performed by the child Lit Action will be automatically combined and returned with the parent Lit Action to the Lit JS SDK client.

pubkeyToTokenId

Converts a PKP public key to a PKP token ID by hashing it with keccak256

pubkeyToTokenId(params: Object): string
Parameters
params (Object)
Name Description
params.publicKey string The public key to convert
Returns
string: The token ID as a string

uint8arrayToString

Convert a Uint8Array to a string. This is a re-export of this function: https://www.npmjs.com/package/uint8arrays#tostringarray-encoding--utf8

uint8arrayToString(array: Uint8Array, encoding: string): string
Parameters
array (Uint8Array) The Uint8Array to convert
encoding (string) The encoding to use. Defaults to "utf8"
Returns
string: The string representation of the Uint8Array

uint8arrayFromString

Convert a string to a Uint8Array. This is a re-export of this function: https://www.npmjs.com/package/uint8arrays#fromstringstring-encoding--utf8

uint8arrayFromString(string: string, encoding: string): Uint8Array
Parameters
string (string) The string to convert
encoding (string) The encoding to use. Defaults to "utf8"
Returns
Uint8Array: The Uint8Array representation of the string

getPermittedAuthMethodScopes

Get the permitted auth method scopes for a given PKP tokenId and auth method type + id

getPermittedAuthMethodScopes(params: Object): Array<boolean>
Parameters
params (Object)
Name Description
params.tokenId string The tokenId to check
params.authMethodType string The auth method type to look up
params.userId Uint8Array The id of the auth method to check expressed as an array of unsigned 8-bit integers (a Uint8Array)
params.maxScopeId number The maximum scope id to check. This is an integer.
Returns
Array<boolean>: An array of booleans that define if a given scope id is turned on. The index of the array is the scope id. For example, if the array is [true, false, true], then scope ids 0 and 2 are turned on, but scope id 1 is turned off.

getLatestNonce

Gets latest nonce for the given address on a supported chain

getLatestNonce(params: Object): string
Parameters
params (Object)
Name Description
params.address string The wallet address for getting the nonce
params.chain string The chain of which the nonce is fetched
Returns
string: The token ID as a string