API Key

Introduction

This document provides a comprehensive guide to integrating the MPC SDK (SDK) with API key authentication, enabling secure access to the MPC system. By leveraging this integration, developers can enhance the security of their blockchain applications while maintaining ease of use and flexibility.

ScopeThis guide will cover

• The role of API key authentication in securing communication with the MPC server.

• The flow of the integration between each component in the MPC system

• API key usage tracking

This document is intended for developers and technical teams looking to integrate MPC SDK capabilities into their blockchain solutions securely and efficiently.

Architecture and Integration Flow

Every request access into the MPC system will be treated as a tenant, therefore the usage is tracked by tenant level.

Architecture

MPC SDK: This is SDK for client interaction with the MPC systemMPC system contains the following components:

• API Gateway: the entry point for all requests from MPC SDK access into MPC system

• MPC server: service handles multi-party computing

• Auth server: before SDK conducts requests into the MPC server, the user must obtain the user token in JWT format from the Auth server.

• MPC usage tracking: each request comes into the MPC server, which will track the usage by this service

Integration Flow

Step 1: Obtain API Key

Customers must contact Cramium Labs to obtain an API key for the SDK. This API key should be added to the SDK configuration. (The contact email info@crossbar-inc.com needs to be updated.)

---

Step 2: Test Passkey Authentication with API Key

Before integrating the SDK, customers can use the WebAuthn Playground to test Passkey authentication using their API key.🔗 Playground URL: https://auth.mpc-dev.cramiumtech.com/playground/ The Playground allows users to register and authenticate using Passkeys

Steps to Test in Playground:

1. Enter your API key (obtained in Step 1).

2. Enter a username for testing authentication.

3. Click the Register button to register a new Passkey.

4. Once registered, click the Authenticate button to verify authentication.

5. If successful, the Playground will return a JWT token containing tenant metadata.

This JWT token can then be used in the SDK to make authenticated requests to the MPC server.

---

Step 3: Authenticate via SDK

Once authentication is verified in the Playground, the SDK can be used to perform Passkey authentication by communicating with the Auth server using the provided API key.

• The server responds with a JWT token, which contains tenant metadata to determine which tenant the user belongs to.

---

Step 4: Send Requests to MPC Server

The JWT token obtained from authentication is then used to make a gRPC request to the MPC server.

---

Step 4.1: Usage Tracking Integration

For every request sent to the MPC server, the usage is tracked by the Usage Tracking service.

• Tenant information is extracted from the JWT token using the following fields:

  • providerTenantId

  • providerTenantName