Abount Address Security
About secretKey
When a new ServerWallet is created using createAddress, a new privateKey is created in ServerWallet Server, and mnemonic and secretKey are returned along with address. mnemonic is used to restore using importAddress after saving.
The secretKey is generated per address and stored securely in ServerWallet Server. This is used for authentication when performing a signature operation using address . The hashKey generated through hash (tempKey + "|" + secretKey) is sent to the Token Server to authenticate using the secretKey stored in the ServerWallet Server and the delivered tempKey.
How to create a signature
When using an API that generates a transaction such as create, transfer, etc., a signature must be created and delivered as a parameter. signature creates a signature using signData of ServerWallet API. For example, in the case of transfer, the result of hashing a string made of "fromAddress | toAddress | amount | hashKey" with sha256 is made into a hex string, and then passing it as the data parameter of signData to generate a signature value.
Last updated