
Create a Policy

Policies are strictly bound to a specific Key ID. Currently, the primary method to create a policy is during the Distributed Key Generation (DKG) process, where the initial policy is defined alongside the key generation parameters.

Process Overview

  1. Define Policy: The user defines the policy rules in JSON format.
  2. Submit Request: The user creates a request payload containing the key parameters and the policy.
  3. Sign Request: The request is signed by the Key Owner (User) to ensure authenticity.
  4. Node Validation & Storage: The Node validates the signature and the policy content, then stores both the policy and the MAC, linked to the generated Key ID.

Upon receiving the request, the Node performs the following:

  • Authentication: Authenticates the request using the provided signatures (e.g. user_sig, WPBE_sig).
  • Policy Validation: Checks for conflicting rules and schema validity.
  • MAC Calculation: The Node calculates the MAC from the policy content.
  • Storage: The Policy and its MAC are stored securely in the database.

This ensures that the policy is bound to the key from the moment of creation.
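
The validate, MAC, and store steps above can be sketched as follows. This is an added example, not Silent Network's node code: the page does not specify the MAC construction, so HMAC-SHA256 over canonical JSON, the `NODE_MAC_KEY` value, the in-memory `db`, and treating the rule fields from this page's example as required are all assumptions.

```python
import hashlib
import hmac
import json

# Constructed sample: the policy object from the keygen example on this page.
POLICY = {
    "version": "1.0",
    "description": "EIP-191 Policy",
    "rules": [{
        "description": "Allow specific message",
        "issuer": [{"type": "UserId", "id": "alice"}],
        "action": "allow",
        "chain_type": "ethereum",
        "conditions": [{"transaction_type": "eip191", "transaction_attr": "message",
                        "operator": "eq", "value": "Sign me"}],
    }],
}
NODE_MAC_KEY = b"constructed-demo-key-not-a-real-secret"  # assumption: node-held secret
RULE_FIELDS = {"description", "issuer", "action", "chain_type", "conditions"}

def check_shape(policy):
    """Minimal structural check using only the fields shown on this page."""
    errors = [f"missing {k}" for k in ("version", "rules") if k not in policy]
    for i, rule in enumerate(policy.get("rules", [])):
        errors += [f"rule {i}: missing {k}" for k in sorted(RULE_FIELDS - set(rule))]
    return errors

def policy_mac(policy, key=NODE_MAC_KEY):
    """HMAC-SHA256 (assumed construction) over canonical JSON: sorted keys, no whitespace."""
    canonical = json.dumps(policy, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()

def store(db, key_id, policy):
    """Reject malformed policies, then persist the policy and its MAC under the Key ID."""
    errors = check_shape(policy)
    if errors:
        raise ValueError("; ".join(errors))
    db[key_id] = {"policy": json.dumps(policy), "mac": policy_mac(policy)}

def load(db, key_id):
    """Return the policy only if the stored content still matches the stored MAC."""
    record = db[key_id]
    policy = json.loads(record["policy"])
    if not hmac.compare_digest(policy_mac(policy), record["mac"]):
        raise ValueError(f"policy for {key_id} failed MAC verification")
    return policy
```

Canonicalizing before computing the MAC means a re-serialized policy with a different key order still verifies, while any change to a rule's content does not.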

Create Policy in Silent Network

Example

Follow the instructions to set up your Wallet Backend.

curl -X POST "http://<YOUR_WALLET_BACKEND_ENDPOINT>/v2/rest/keygen" \
  -H "Content-Type: application/json" \
  -d '{
    "payload": [
      {
        "t": 2,
        "n": 3,
        "signAlg": "secp256k1",
        "metadata": [],
        "policy": {
          "version": "1.0",
          "description": "EIP-191 Policy",
          "rules": [{
            "description": "Allow specific message",
            "issuer": [{"type": "UserId", "id": "alice"}],
            "action": "allow",
            "chain_type": "ethereum",
            "conditions": [{
              "transaction_type": "eip191",
              "transaction_attr": "message",
              "operator": "eq",
              "value": "Sign me"
            }]
          }]
        },
        "ephClaim": "..."
      }
    ],
    "userSignatures": { ... }
  }'