Mobile Wallet Nomenclature
These terms describe key states that affect the UX when keys are used to sign. An auth-locked key requires a User-presence event (in technical Android terms, a User Authentication event) such as a system PIN, swipe pattern, fingerprint or face unlock to have taken place within 30 seconds of key usage. The app handles prompting the user to supply those events. An auth-unlocked key only requires the user to have opened the app to use the key.
An auth-locked key is created with the .setUserAuthenticationRequired(true) flag set. When the app uses a key created in this fashion to encrypt the HD Wallet seed phrase, the Android Keystore requires the user to provide a User-presence event. Subsequently, each time the app needs to regenerate the HD Wallet private key for signing, the Android Keystore requires a User-presence event to have occurred before it will decrypt the seed phrase, which the app needs to build the HD Wallet. If the key is built with .setUserAuthenticationRequired(false), there is no requirement to provide this event before usage.
The Android Keystore requires the device to have an active screenlock set up to successfully create a key with .setUserAuthenticationRequired(true). Further, the Keystore will destroy any keys created with .setUserAuthenticationRequired(true) if the screenlock is removed.
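
The behaviour described above, as an added Java example that is not the wallet's own code: it creates an auth-locked or auth-unlocked key and maps the two failure modes (no recent User-presence event, key destroyed after screenlock removal) to results the app can act on. The class name, alias, the choice of AES-GCM, and the use of setUserAuthenticationValidityDurationSeconds(30) to express the 30-second window are assumptions.

```java
import android.app.KeyguardManager;
import android.content.Context;
import android.security.keystore.*;
import java.security.KeyStore;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public final class SeedKeyExample {
    private static final String STORE = "AndroidKeyStore";
    private static final String ALIAS = "example-seed-key"; // hypothetical alias
    public enum Result { OK, NEEDS_USER_AUTH, KEY_DESTROYED }

    /** Creates the seed-wrapping key; authLocked maps to setUserAuthenticationRequired. */
    public static void createKey(Context ctx, boolean authLocked) throws Exception {
        KeyguardManager km = ctx.getSystemService(KeyguardManager.class);
        if (authLocked && !km.isDeviceSecure()) {
            // An auth-locked key cannot be created without an active screenlock.
            throw new IllegalStateException("Set up a screenlock first");
        }
        KeyGenParameterSpec.Builder spec = new KeyGenParameterSpec.Builder(ALIAS,
                KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
                .setUserAuthenticationRequired(authLocked);
        // Assumed mapping of the 30-second User-presence window.
        if (authLocked) spec.setUserAuthenticationValidityDurationSeconds(30);
        KeyGenerator kg = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, STORE);
        kg.init(spec.build());
        kg.generateKey();
    }

    /** Decrypts the stored seed phrase; out[0] receives the plaintext on OK. */
    public static Result decryptSeed(byte[] iv, byte[] ct, byte[][] out) throws Exception {
        KeyStore ks = KeyStore.getInstance(STORE);
        ks.load(null);
        SecretKey key = (SecretKey) ks.getKey(ALIAS, null);
        if (key == null) return Result.KEY_DESTROYED; // no key under the alias
        try {
            Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
            c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, iv));
            out[0] = c.doFinal(ct);
            return Result.OK;
        } catch (UserNotAuthenticatedException e) {
            return Result.NEEDS_USER_AUTH; // prompt for PIN/biometric, then retry
        } catch (KeyPermanentlyInvalidatedException e) {
            // Screenlock was removed: the seed must be restored from backup.
            return Result.KEY_DESTROYED;
        }
    }
}
```

On NEEDS_USER_AUTH the app would show its authentication prompt and call decryptSeed again; KEY_DESTROYED is unrecoverable on the device, so the user needs the seed phrase backup.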