Hosted Gateway
The Ten Gateway is a critical application that facilitates communication between a Ten node and various tools that require a connection to it, such as MetaMask. Due to the encryption of data within a Ten node, direct communication is not feasible.
The program conforms to the Ethereum JSON-RPC specification (Ethereum JSON-RPC Specification) and also supports additional APIs to ensure compatibility with popular tools like MetaMask.
You have the flexibility to host the Ten Gateway yourself or use one of the hosted gateways if you choose to join Ten. You also have the option to run and use the program independently. The diagram below illustrates different usage scenarios, with Bob and Charlie using the hosted version and Alice managing it independently.
Workflow
The onboarding process is straightforward and requires only a few clicks:
- The user navigates to a website where a hosted Ten Gateway is running and clicks on "Join Ten." This action will add a network to their wallet.
- The user then connects their wallet and switches to the Ten network, if they have not done so already.
- In the wallet popup, the user is prompted to sign over an EIP-712 formatted message or text message which includes an encryption token.
Endpoints
GET /join
This endpoint generates a key-pair, saves it in the database, derives an encryption token from the keys, and returns the encryption token.
GET /getmessage
This endpoint generates a message for the user to sign in order to authenticate their address. We currently support EIP712 messages and simple text messages that need to be signed with Personal sign by the user.
Here is an example for the GET request body:
{
"encryptionToken": "2d127471df48dad460a60194496f975fd9d558d1",
"formats": ["EIP712", "Personal"]
}
-
encryptionTokenis mandatory and is the encryption token generated by the /join endpoint. -
formatsis optional and can be either "EIP712" or "Personal". If not provided / or both are provided, the default value is "EIP712".
Message returned by the endpoint is in the following format:
{
"message": "<message>",
"type": "<EIP712/Personal>"
}
EIP712 Message uses following format:
{
types: {
EIP712Domain: [
{ name: "name", type: "string" },
{ name: "version", type: "string" },
{ name: "chainId", type: "uint256" },
],
Authentication: [
{ name: "Encryption Token", type: "address" },
],
},
primaryType: "Authentication",
domain: {
name: "Ten",
version: "1.0",
chainId: <TenChainID>,
},
message: {
"Encryption Token": <encryptionToken>
},
}
And Personal Message uses following format:
Token: %s on chain: %d version: %d
POST /authenticate?token=$EncryptionToken
This endpoint enables the addition of multiple addresses for each encryption token. Prior to saving, it performs several checks on the signature and encryption token.
Here's an example of the POST request body for the /authenticate endpoint:
{
"address": "0xEF1C76228AeaDE07B74eA4a749d02f539cCff16a",
"signature": "0x781699d25d62ebaa3cc0901ac1fd9fda4e7e3b143bee854b262434e3e22021d1607b5680924ac439dec9838344d6785100c7043312cec07b7fd1e9d26983f69f1b",
"type": "EIP712"
}
addressis mandatory and is the address of the user who is trying to authenticatesignatureis mandatory and is the signature of the message generated by the /getmessage endpointtypeis optional and can be either "EIP712" or "Personal". If not provided, the default value is "EIP712".
GET /query/address?token=$EncryptionToken&a=$Address
This endpoint returns a boolean value (true or false) based on whether the given address is registered with the provided encryption token.
GET /revoke?token=$EncryptionToken
This endpoint facilitates the removal of a certain encryption token's access by deleting the key-pair from the database. This is particularly useful when a user wishes to revoke access for a specific encryption token.