Authentication

Authentication in ZenZ is powered by ZAT(ZenZ Authentication Token), which is unified authentication for web2, web3, AI worlds inspired from JWT syntax.

ZAT

ZAT allows both PKI(PublicKey Infrastructure) based authentication as well as traditional JWT.

It defines a authorization framework that differentiates PKI token, JWT token, PASETO token and more

Syntax

<HEADER>.<BODY>.<SIGNATURE>

HEADER


{
    ver?: number;           // Optional: "Version" of the token
    typ: ZatType;      // "Type" of the token
    sig?: SigAlgoWithCurve; // Optional: "Signing algorithm" along with curve been used
    "#"?: HashAlgorithm;    // Optional: "Hashing algorithm" used being signing the actual payload
}

ZatType can be PKI_SESSION, JWT and PKI_CHALLENGE

BODY


{
    exp: number;   // * Time of token expiry
    sfn?: boolean; // Optional: Determines whether stateful or stateless authentication
    msg?: string   // Optional: Custom message used for signing
}

SIGNATURE


{
    dig: string;   // Hex string of the signature digest
}

Structs

ZatType


type ZatType = PKI_SESSION | JWT | PKI_CHALLENGE

Examples

PKI ZatType


import { generate, zatTypes } from "js-zenz-client/zat";
import { 
    SigningAlgos, 
    ZatTypes,
    HashAlgos,
    KeyCurves
} from "js-zat/lib";
 
const signingKey: zatTypes.Key = {
    pk: "... hex string of the private key ...",
    pub: "... hex string of the public key ...", // Optional while generation
    curve: KeyCurves.Secp256k1 // curve associated to above pk and pub keys
} 
 
const opts: zatTypes.GenTknOpts = { // Optional
    
    version: 1 // Optional. Default = 1
 
    // Optional: Default = null
    message: "" // Pass this value if ZATTokenType is `Basic`
 
    // Optional: Default = "ECDSA"
    sigAlgo: SigningAlgos.Ecdsa // Signing algorithm to be used. 
 
    // Optional. Default = "BLAKE_2B"
    hashAlgo: HashAlgos.Blake2b // Hash algorithm to be used.
}
 
const zat = generate(ZatType.PKI_Session, signingKey, opts);