API
account.proto
Services
AccountService
Method Name |
Request Type |
Response Type |
Description |
Status |
StatusRequest |
StatusResponse |
Status provides a string message describing the current state of the plugin. The content of the returned state is left to the developer’s discretion. Examples include information on the business-level state (e.g. currently unlocked accounts) and process-level state (e.g. is plugin healthy) |
Open |
OpenRequest |
OpenResponse |
The specific behaviour of Open will depend on the backend being implemented. It may be that Open is not required in which case it should be implemented as a no-op. It should not unlock or decrypt account keys. Open may be used to initialize resources or create a connection to the storage backend. It should be expected that any allocated resources or connections can be released by calling Close. |
Close |
CloseRequest |
CloseResponse |
The specific behaviour of Close will depend on the backend being implemented. It may be that Close is not required, in which case it should be implemented as a no-op. Close releases any resources or connections allocated by Open. |
Accounts |
AccountsRequest |
AccountsResponse |
Accounts returns the currently available accounts managed by the plugin. |
Contains |
ContainsRequest |
ContainsResponse |
Contains returns whether the provided account is managed by the plugin. |
Sign |
SignRequest |
SignResponse |
Sign signs the provided data with the specified account |
UnlockAndSign |
UnlockAndSignRequest |
SignResponse |
UnlockAndSign unlocks the specified account with the provided passphrase and uses it to sign the provided data. The account will be locked once the signing is complete. It may be that the storage backend being implemented does not rely on passphrase-encryption, in which case the passphrase parameter should be ignored when unlocking. |
TimedUnlock |
TimedUnlockRequest |
TimedUnlockResponse |
TimedUnlock unlocks the specified account with the provided passphrase for the duration provided. The duration is provided in nanoseconds. It may be that the storage backend being implemented does not rely on passphrase-encryption, in which case the passphrase parameter should be ignored when unlocking. |
Lock |
LockRequest |
LockResponse |
Lock immediately locks the specified account, overriding any existing timed unlocks. |
NewAccount |
NewAccountRequest |
NewAccountResponse |
NewAccount creates a new account and stores it in the backend. The newAccountConfig is provided as a generic json-encoded byte array to allow for the structure of the config to be left to the developer’s discretion. |
ImportRawKey |
ImportRawKeyRequest |
ImportRawKeyResponse |
ImportRawKey creates a new account from the provided hex-encoded private key and stores it in the backend. Validation of the hex string private key is not required as this handled by Quorum. The newAccountConfig is provided as a generic json-encoded byte array to allow for the structure of the config to be left to the developer’s discretion. |
Messsages
Account
Note: The Account type is used only in Response types.
All Request types which require an account to be specified use only the address to identify the account.
At the Quorum-level there is no knowledge of account URLs so the url field has been excluded from Requests to simplify the protocol.
Field |
Type |
Label |
Description |
address |
bytes |
|
20-byte ethereum address of the account |
url |
string |
|
URL for the stored account; format and structure will depend on the storage backend and is left to the developer’s discretion |
AccountsRequest
AccountsResponse
Field |
Type |
Label |
Description |
accounts |
Account |
repeated |
list of accounts managed by the plugin |
CloseRequest
CloseResponse
ContainsRequest
Field |
Type |
Label |
Description |
address |
bytes |
|
20-byte ethereum address of the account to search for |
ContainsResponse
Field |
Type |
Label |
Description |
isContained |
bool |
|
whether the account was found |
ImportRawKeyRequest
Field |
Type |
Label |
Description |
rawKey |
string |
|
hex-encoded private key to import and store in the storage backend |
newAccountConfig |
bytes |
|
json-encoded byte array providing the config necessary to create a new account; the config will be dependent on the storage backend and so its definition is left to the developer’s discretion |
ImportRawKeyResponse
Field |
Type |
Label |
Description |
account |
Account |
|
the imported account |
LockRequest
Field |
Type |
Label |
Description |
address |
bytes |
|
20-byte ethereum address of the account to lock |
LockResponse
NewAccountRequest
Field |
Type |
Label |
Description |
newAccountConfig |
bytes |
|
json-encoded byte array providing the config necessary to create a new account; the config will be dependent on the storage backend and so its definition is left to the developer’s discretion |
NewAccountResponse
Field |
Type |
Label |
Description |
account |
Account |
|
the created account |
OpenRequest
Field |
Type |
Label |
Description |
passphrase |
string |
|
passphrase required to open; may not be required by all storage backends, so its use is left to the developer’s discretion |
OpenResponse
SignRequest
Field |
Type |
Label |
Description |
address |
bytes |
|
20-byte ethereum address of the account to use |
toSign |
bytes |
|
data to sign |
SignResponse
Field |
Type |
Label |
Description |
sig |
bytes |
|
secp256k1 ECDSA signature in the 65-byte [R |
StatusRequest
StatusResponse
Field |
Type |
Label |
Description |
status |
string |
|
message describing the status of the plugin; message content is left to the developer’s discretion |
TimedUnlockRequest
Field |
Type |
Label |
Description |
address |
bytes |
|
20-byte ethereum address of the account to unlock |
password |
string |
|
passphrase required to unlock the account; may not be required by all storage backends, so its use is left to the developer’s discretion |
duration |
int64 |
|
number of nanoseconds the account should be unlocked for |
TimedUnlockResponse
UnlockAndSignRequest
Field |
Type |
Label |
Description |
address |
bytes |
|
20-byte ethereum address of the account to use |
toSign |
bytes |
|
data to sign |
passphrase |
string |
|
passphrase required to unlock the account; may not be required by all storage backends, so its use is left to the developer’s discretion |