Clarifying accounts/keys question

[mikeshultz]

Doesn't look like I'm getting the same address derived from getReceivePublicKey(60, 0) as is displayed in the Ethereum wallet of the Zion mobile app. Should apps built using ZKMA/ZKMS share the same keys as the Zion mobile app? Or does the unique ID/sha256 params given when registering change the derived private key used for that instance?

I think for my use case, I'd prefer to use the same account users already have (via the Zion mobile app) so the app doesn't have to deal with generating accounts and funding them to onboard users. Is that doable or not intended functionality? Any clarification on this would be appreciated.

[htczion]

Hi Mike,

In general, the app which use the ZKMA/ZKMS has responsibility to own the private key by itself.

Due to they are individual App instance, so it can't get the same public key as Zion Vault from getReceviePublicKey() even if you register the wallet by passing the same register parameters.

If you want to leverage the same account between Zion Vault and your App, there are two ways can do it.

1. Request user to restore the same seed (12 key recovery phase) to both Zion vault and you App.

2. Require the wallet information (ex : public key .. ) from Zion Vault directly.
   (https://github.com/htczion/ZionVaultSDK/wiki#3-application-based-integration)
   BTW, for highly trusted operation (ex : sign transaction ...), let your App becomes the trusted partner App of Zion Vault is required.
   (https://github.com/htczion/ZionVaultSDK/wiki#35-getting-zion-vault-wallet-id),
   But it is not suggested for Independent developer because some security process needs to be done first( ex: contact Zion team to sign the NDA ... )

I hope it helps you.

[mikeshultz]

Some questions regarding the second option:

Is the walletId returned by IZionWalletServiceAPIs.getZionWalletId() the same as unique_id as you'd get with register() in ZKMA? Trying to figure out how these two relate since IZionWalletServiceAPIs doesn't appear to be able to sign transactions?

getZionWalletId is a high risk API, and requires you to provide the SHA-256 hash of the key used to sign your app to HTC

Is there a way to test this before going through the NDA and key sharing process?

[joshfraser]

Who's the best contact at Zion for kicking off the NDA and key-sharing process?

[htczion]

Hi Mike,

The unique wallet id is the important key entry for accessing seed(private key) on TEE.

For example :

Zion Vault acquires the unique wallet Id (0x123456) via ZKMA register method,
if your app is the partner app of Zion Vault, use IZionWalletServiceAPIs.getZionWalletId()
could let you to retrieve the same unique wallet Id (0x123456) from Zion Vault.

Once your app got the Zion Vault's unique id, you can use it to sign the transacion (TUI for user confirm is needed)
mZKMA.signTransaction(unique_id... ) or other operations related to Zion Vault's unique_id.
(unfortunately, it is not allow to test before sign the NDA)

Due to it is the violent way to touch the secret from Zion Vault, generally we would not recommend 3rd-party App use it.

Alternatively, if your App is just want to do signTransaction (ex : pay ethereum to buy something), you might
consider to create the DApp (web3 API concept), Zion Vault has ability to interactive the operation with DApps via web3 API.

[htczion]

Who's the best contact at Zion for kicking off the NDA and key-sharing process?

Hi Josh,
Please help to list and send your requirements to [email protected]
We will review it and feedback to you.