Skip to content
LogoLogo

Identity

This page documents the normative V2AddressNative identity model from protocol/SPECIFICATION.md.

Canonical identity

owner_address is the sole canonical account identifier in Makechain V2.

  • It is a raw 20-byte EVM-style address.
  • Any valid 20-byte address is a valid Makechain principal, even if it has never submitted a message.
  • Missing account state means default-zero bookkeeping, not invalid identity.

V2 has no registry-backed account creation, protocol-level ownership transfer, or protocol-level recovery flow.

Delegated protocol keys

Protocol signing keys are Ed25519-only in V2.

Each delegated key is attached to an owner_address and has one of these scopes:

ScopeMeaning
OWNERHighest privilege
SIGNINGOrdinary account and project administration
AGENTProject-scoped automated actions

AGENT keys may be constrained by allowed_projects. OWNER and SIGNING keys ignore allowed_projects.

Signer management

SIGNER_ADD and SIGNER_REMOVE are the only signer-management paths in V2.

  • Both are user-submitted messages with valid Ed25519 envelopes.
  • The envelope signer provides transport integrity only.
  • Authorization comes from a custody signature that verifies directly against MessageData.owner_address.

Supported wallet-level custody signature families are:

custody_key_typeFamily
0secp256k1 ECDSA
1P256 ECDSA
2WebAuthn P256
3ERC-1271

For ERC-1271, the corresponding custody_block_hash must be present and is bound into the typed data.

App attribution

Every SIGNER_ADD includes app attribution.

  • request_owner_address is a 20-byte external wallet address.
  • It is not a Makechain account lookup key.
  • request_signature verifies directly against request_owner_address.
  • Self-request is represented by request_owner_address == owner_address.

The typed data is SignerRequest(address requestOwner, bytes32 key, uint64 validAfter, uint64 validBefore, uint32 network).

Typed data

The custody and attribution payloads are address-native in V2:

SignerAdd(address owner, bytes32 key, uint32 scope,
          uint64 validAfter, uint64 validBefore,
          uint64 nonce, bytes32[] allowedProjects,
          uint32 network)

SignerRemove(address owner, bytes32 key,
             uint64 validAfter, uint64 validBefore,
             uint64 nonce, uint32 network)

SignerRequest(address requestOwner, bytes32 key,
              uint64 validAfter, uint64 validBefore,
              uint32 network)

ERC-1271 variants add bytes32 validationBlockHash and bind the historical Tempo block hash into the signed payload.

External address verification

VERIFICATION_ADD and VERIFICATION_REMOVE link external addresses to an owner_address.

For ETH verification, the proof metadata includes:

  • claim_key_type
  • claim_block_hash when claim_key_type == 3

For SOL verification, the signed challenge string is:

makechain:verify:<network>:<owner_address_hex>

owner_address_hex is lowercase hex, exactly 40 characters, with no 0x prefix.

Removed concepts

These do not exist in V2 semantics:

  • registry-based account allocation
  • onchain registry-based account creation
  • protocol-level ownership transfer
  • protocol-level recovery
  • host-chain-driven identity ingress
  • relay-derived signer authorization
Edit this page on GitHub