Commit

[Doc] fix advice for ephemeral key pair and the ZK proof storage (#16225)

## Description 

This restores the advice to the previous wording.

## Test Plan 

n/a

---
If your changes are not user-facing and do not break anything, you can
skip the following section. Otherwise, please briefly describe what has
changed under the Release Notes section.

### Type of Change (Check all that apply)

- [ ] protocol change
- [ ] user-visible impact
- [ ] breaking change for client SDKs
- [ ] breaking change for FNs (FN binary must upgrade)
- [ ] breaking change for validators or node operators (must upgrade
binaries)
- [ ] breaking change for on-chain data layout
- [ ] necessitate either a data wipe or data migration

### Release notes
mwtian authored Feb 13, 2024
1 parent 13d55b5 commit bd79e2d
Showing 1 changed file with 1 addition and 2 deletions.
3 changes: 1 addition & 2 deletions docs/content/concepts/cryptography/zklogin.mdx
Expand Up @@ -527,8 +527,7 @@ You might want to cache the ephemeral key pair along with the ZKP for future use

However, the ephemeral key pair needs to be treated as a secret akin to a key pair in a traditional wallet. This is because if both the ephemeral private key and ZK proof are revealed to an attacker, then they can typically sign any transaction on behalf of the user (using the same process described previously).

Consequently, you should choose the storage of the ephemeral key pair and the ZK proof carefully. For example, a web browser provides both session and local storage. Data in local storage persists until you explicitly clear your browser cache (remains across browser sessions), whereas session storage persists only until you close the tab or bowser. Using local storage for this data is preferable to safeguard against the loss of funds should the session end unexpectedly.

Consequently, you should not store them persistently in an unsecure storage location, on any platform. For example, on browsers, use session storage instead of local storage to store the ephemeral key pair and the ZK proof. This is because session storage automatically clears its data when the browser session ends, while data in local storage persists indefinitely.

## How zkLogin Works {#how-zklogin-works}
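
Review bot: The session-storage paragraph ("Consequently, you should not store them persistently ...") drops the concern the local-storage wording raised, loss of funds if the session ends unexpectedly, without saying what happens once the cached key pair and ZK proof are cleared; add a sentence stating what the user has to do to continue after the tab or browser closes, so readers are not tempted back to local storage. The same paragraph could also note that session storage only limits how long the data persists: it remains readable by any script running in the page's origin, which matters given the preceding paragraph's point that the ephemeral private key plus the proof lets an attacker sign transactions. Minor wording: "unsecure" reads better as "insecure", and "on browsers" as "in browsers".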
