package identity.unauth
Get desktop application:
View/edit binary Protocol Buffers messages
RPCs from a client (iOS, Android, or web) to identity service
Called by user to register with the Identity Service (PAKE only) Due to limitations of grpc-web, the Opaque challenge+response needs to be split up over two unary requests Start/Finish is used here to align with opaque protocol
message
identity_unauth.proto:119Request for registering a new user
bytes opaque_registration_request = 1
Message sent to initiate PAKE registration (step 1)
string username = 2
optional device_key_upload = 3
Information needed to open a new channel to current user's device
optional string farcaster_id = 4
string initial_device_list = 5
A stringified JSON object of the following format: { "rawDeviceList": JSON.stringify({ "devices": [<primary_device_id: string>] "timestamp": <UTC timestamp in milliseconds: int>, }), "curPrimarySignature": "base64-encoded primary device signature" } It's an empty string for older clients which don't sign device lists yet.
message
identity_unauth.proto:138bytes opaque_registration_request = 1
Message sent to initiate PAKE registration (step 1)
string username = 2
optional device_key_upload = 3
Information needed to open a new channel to current user's device
string keyserver_message = 4
Message from authoritative keyserver attesting that a given user has ownership of a given username
string keyserver_signature = 5
Above message signed with authoritative keyserver's signing ed25519 key
string initial_device_list = 6
A stringified JSON object of the following format: { "rawDeviceList": JSON.stringify({ "devices": [<primary_device_id: string>] "timestamp": <UTC timestamp in milliseconds: int>, }), "curPrimarySignature": "base64-encoded primary device signature" } It's an empty string for older clients which don't sign device lists yet.
message
identity_unauth.proto:162Messages sent from a client to Identity Service
string session_id = 1
Identifier to correlate RegisterStart session
bytes opaque_registration_upload = 2
Final message in PAKE registration
Called by user to register device and get an access token
message
identity_unauth.proto:188string username = 1
bytes opaque_login_request = 2
Message sent to initiate PAKE login (step 1)
optional device_key_upload = 3
Information specific to a user's device needed to open a new channel of communication with this user
optional bool force = 4
If set to true, the user's existing keyserver will be deleted from the identity service and replaced with this one. This field has no effect if the device is not a keyserver
message
identity_unauth.proto:209string session_id = 1
Identifier used to correlate start request with finish request
bytes opaque_login_response = 2
Opaque challenge sent from server to client attempting to login (Step 2)
message
identity_unauth.proto:201string session_id = 1
Identifier used to correlate start request with finish request
bytes opaque_login_upload = 2
Message containing client's reponse to server challenge. Used to verify that client holds password secret (Step 3)
message
identity_unauth.proto:263string user_id = 1
string nonce = 2
string nonce_signature = 3
optional device_key_upload = 4
Information specific to a user's device needed to open a new channel of communication with this user
message
identity_unauth.proto:274string user_id = 1
string device_id = 2
string nonce = 3
string nonce_signature = 4
rpc RestoreUser (, )
identity_unauth.proto:34Called by primary device during backup restore protocol
message
identity_unauth.proto:238string user_id = 1
optional string siwe_message = 2
SIWE social proof message and signature
optional string siwe_signature = 3
optional device_key_upload = 4
string device_list = 5
A stringified JSON object of the following format: { "rawDeviceList": JSON.stringify({ "devices": [<primary_device_id: string>] "timestamp": <UTC timestamp in milliseconds: int>, }), "curPrimarySignature": "base64-encoded new primary device signature", "lastPrimarySignature": "base64-encoded old primary device signature" }
string new_backup_id = 6
UserKeys backup fields
bytes encrypted_user_keys = 7
optional string siwe_backup_msg = 8
Called by other services to verify a user's access token
message
identity_unauth.proto:289string user_id = 1
string device_id = 2
signing ed25519 key for the given user's device
string access_token = 3
message
identity_unauth.proto:296bool token_valid = 1
Called by authoritative keyserver to add usernames to the Identity service's reserved list
message
identity_unauth.proto:302string message = 1
Message from authoritative keyserver containing the username to be added
string signature = 2
Above message signed with authoritative keyserver's signing ed25519 key
Called by authoritative keyserver to remove usernames from the Identity service's reserved list
message
identity_unauth.proto:311string message = 1
Message from authoritative keyserver containing the username to be removed
string signature = 2
Above message signed with authoritative keyserver's signing ed25519 key
rpc Ping (, )
identity_unauth.proto:54Called by users periodically to check if their code version is supported
rpc FindUserID (, )
identity_unauth.proto:57Returns userID for given username or wallet address
message
identity_unauth.proto:320oneof identifier
string username = 1
string wallet_address = 2
message
identity_unauth.proto:327optional string user_id = 1
userID if the user is registered with Identity Service, null otherwise
bool is_reserved = 2
true if the identifier (username or wallet address) exists in the reserved usernames list, false otherwise. It doesn't take into account whether the user is registered with Identity Service (userID != null).
Called by clients to get a nonce for a Sign-In with Ethereum message or RPCs requiring challenge-response actions
message
identity_unauth.proto:283string nonce = 1
message
identity_unauth.proto:338repeated string farcaster_ids = 1
message
identity_unauth.proto:342repeated farcaster_users = 1
message
identity_unauth.proto:178Used as response type in: IdentityClientService.LogInExistingDevice, IdentityClientService.LogInPasswordUserFinish, IdentityClientService.LogInWalletUser, IdentityClientService.RegisterPasswordUserFinish, IdentityClientService.RegisterWalletUser, IdentityClientService.RestoreUser, IdentityClientService.UploadKeysForRegisteredDeviceAndLogIn
string user_id = 1
Unique identifier for user
string access_token = 2
string username = 3
This is wallet address for wallet users
message
identity_unauth.proto:109Bundle of information needed for creating an initial message using X3DH
Used in: , , , , ,
optional device_key_info = 1
optional content_upload = 2
optional notif_upload = 3
repeated string one_time_content_prekeys = 4
repeated string one_time_notif_prekeys = 5
DeviceType device_type = 6
Used in: ,
KEYSERVER = 0
WEB = 1
IOS = 2
iOS doesn't leave a good option for title to camel case renaming
ANDROID = 3
WINDOWS = 4
MAC_OS = 5
message
identity_unauth.proto:71Used as request type in: auth.IdentityClientService.DeleteWalletUser, auth.IdentityClientService.LogOutSecondaryDevice, auth.IdentityClientService.LogOutUser, auth.IdentityClientService.SyncPlatformDetails, auth.IdentityClientService.UnlinkFarcasterAccount, IdentityClientService.GenerateNonce, IdentityClientService.Ping
Used as response type in: auth.IdentityClientService.DeletePasswordUserFinish, auth.IdentityClientService.DeleteWalletUser, auth.IdentityClientService.LinkFarcasterAccount, auth.IdentityClientService.LogOutPrimaryDevice, auth.IdentityClientService.LogOutSecondaryDevice, auth.IdentityClientService.LogOutUser, auth.IdentityClientService.PrivilegedDeleteUsers, auth.IdentityClientService.PrivilegedResetUserPasswordFinish, auth.IdentityClientService.RefreshUserPrekeys, auth.IdentityClientService.SyncPlatformDetails, auth.IdentityClientService.UnlinkFarcasterAccount, auth.IdentityClientService.UpdateDeviceList, auth.IdentityClientService.UpdateUserPasswordFinish, auth.IdentityClientService.UploadOneTimeKeys, IdentityClientService.AddReservedUsernames, IdentityClientService.Ping, IdentityClientService.RemoveReservedUsername
(message has no fields)
message
identity_unauth.proto:346Used in:
string user_id = 1
string farcaster_id = 2
string username = 3
message
identity_unauth.proto:80Key information needed for starting a X3DH session
Used in: , ,
string payload = 1
JSON payload containing Olm keys Sessions for users will contain both ContentKeys and NotifKeys For keyservers, this will only contain ContentKeys
string payload_signature = 2
Payload signed with the signing ed25519 key
message
identity_unauth.proto:74Used in: , , ,
string prekey = 1
string prekey_signature = 2
message
identity_unauth.proto:170Messages sent from Identity Service to client
Used as response type in: IdentityClientService.RegisterPasswordUserStart, IdentityClientService.RegisterReservedPasswordUserStart
string session_id = 1
Identifier used to correlate start request with finish request
bytes opaque_registration_response = 2
sent to the user upon reception of the PAKE registration attempt (step 2)
message
identity_unauth.proto:216Used as request type in: IdentityClientService.LogInWalletUser, IdentityClientService.RegisterWalletUser
string siwe_message = 1
string siwe_signature = 2
optional device_key_upload = 3
Information specific to a user's device needed to open a new channel of communication with this user
optional string farcaster_id = 4
string initial_device_list = 5
A stringified JSON object of the following format: { "rawDeviceList": JSON.stringify({ "devices": [<primary_device_id: string>] "timestamp": <UTC timestamp in milliseconds: int>, }), "curPrimarySignature": "base64-encoded primary device signature" } It's an empty string when used outside `RegisterWalletUser` RPC and for older clients which don't sign device lists yet.