The MakeOS network uses Public Key Infrastructure for handling identity, verifying ownership of resources, signing and authorizing actions targeted at these resources. MakeOS uses Ed25519 public-key signature system for all signing operations.
There are two types of keys:
A standard key is an Ed25519 key that can own a Balance Account on the network. A standard key does not become connected to a network Balance Account until it receives an inbound blockchain transaction.
Standard keys are used to sign transactions that transfer the native coin or user-owned assets from one account to another.
Standard keys own every other resource on MakeOS and can be identified by their unique address which is generated using bech32 address format and begins with
A push key is used to sign a git push transaction. When a developer is ready to push an update to their repository, they must sign the commit and create an authentication token (or Push Token) using a key.
A PushKey represents a repository contributor. Repository administrators or maintainers can assign privileges and issues to Push Key.
A Standard Key and PushKey both are Ed25519 keys except a Push Key cannot have a balance associated with it.
A PushKey is created and owned by a Balance Account. A repository admin can be created an Ed25519 key, register it on the network as a PushKey, add it as a contributor to their repository and send the key to an employee.
A PushKey does not pay its own network transaction fees. Instead, the Balance Account that registered it will be responsible for paying any fees incurred by the Push Key. For example, this model is useful for structures where an organization wishes to bear the cost of their employees contributions to a repository of their choosing.
A PushKey can have a fee cap that will prevent it from spending more than a maximum amount of the registrar account balance. It can also be limited to work with one or several repositories.
A PushKey is identified by a bech32 address prefixed with
The Kit client manages a keystore on the machine it is installed on. Ed25519 keys are stored in an encrypted format using a passphrase provided by the node owner.
kit key create command to create a new key
kit key create
Your new key needs to be locked. Please enter a passphrase.Passphrase> *****Repeat Passphrase> *****✅ Key successfully created!- Address: os1m4aaslnzmdp4k3g52tk6eh94ghr547exvtcrkd
You will be prompted to provide a passphrase which will be used to encrypt the new key. You can skip the interactive prompt by providing your passphrase directly using the
A PushKey is also created using the
kit key create command but with the addition of the
kit key create --push
Your new key needs to be locked. Please enter a passphrase.Passphrase> ******Repeat Passphrase> ******✅ Key successfully created!- Address: pk1wfx7vp8qfyv98cctvamqwec5xjrj48tpxaa77t
--push flag will create a regular ed25519 key with keystore type set to
push. This makes it possible to distinguish keys dedicated for pushing to a repository.
You can get or inspect a given key using the
kit key get command.
kit key get os1m4aaslnzmdp4k3g52tk6eh94ghr547exvtcrkd
Passphrase> *****✅ Key revealed successfully!- User Address: os1m4aaslnzmdp4k3g52tk6eh94ghr547exvtcrkd- Push Address: pk1wfx7vp8qfyv98cctvamqwec5xjrj48tpxaa77t- Public Key: 48jVDAtY16aXwiccMvCT1UHawWvvoSTDJ7e6hHwM2K3wJvgn5sK
By default, the private key will not be returned in the output. Use the
--show-key flag to force the private key to be rendered.
To see a list of keys in your keystore, use the
kit key listcommand.
kit key list
Address Date Created Tag(s) os1m4aaslnzmdp4k3g52tk6eh94ghr547exvtcrkd 1 week ago pk1wfx7vp8qfyv98cctvamqwec5xjrj48tpxaa77t 1 week ago unprotected
This command outputs both regular and PushKeys.
Keys with an
unprotected tag are those that were not created with a unique passphrase. All keys are encrypted but unprotected keys are encrypted with a default key which is equivalent to not adding a key at all.
You may need to import a private key from a different machine. Use the
import the command to import an existing base58 encoded private key into your local keystore:
kit key import "wetT9rgtetCHJ...GmzRUPU1SmrfNSy4j7DDJ"
Passphrase> ******Repeat Passphrase> ******✅ Key imported successfully!- Address: pk1wfx7vp8qfyv98cctvamqwec5xjrj48tpkfwme7