[NEW CONTENT] NEAR CLI -- `near keys`

[amgando]

Submission

I've created this video covering NEAR CLI near keys command requested by #1

Video

• [ 7:25 ] https://www.loom.com/share/3f94e357f6ec4ca685b05edf165546f7

Related Links

• NEAR CLI docs are here
• Access Keys documentation is here
• NEAR CLI command for near keys is here
• NEAR CLI implementation for near keys is here
• near-api-js implementation of the getAccessKeys function is here
• JSON RPC API view_access_key_list is here

Community Votes ❤️ I love it! 🚀 I can help you!

[amgando]

Hey, I'm going to talk about the near keys command in the NEAR CLI. So you can see here, I'm on a Mac. I'm using Node version 12.19. It's currently Thursday, May 20th. I'm using nvm to manage my environment. I'm using NEAR CLI version 2.0

So if I type near keys, I'm going to see this requirement for an account ID and an error down here and option argument.

So I actually need to add the account. So I could type near and then my test account. There are a lot of keys here.

Maybe let's try a smaller account. We've got this one. And so here, we'll see two kinds of keys that have come back a function call access key, which allows us to call a receiver in this case, the Testnet account with some allowance and any number of method names.

This can be a little bit confusing here, so let's see. Can we find it a different account with a slightly different combination there?

So here there are many function call access keys and they are allowed to call this you know, a debt dev account that's generated for us.

And we're building something typically just like a throwaway account. And you can see all of these function, call access keys, have these few bits in common.

They all have a nonce. They all have some allowance that usually starts with like 25 in your sense, and then a receiver ID, which is the target account that you're allowed to spend up to this amount of money this amount of near tokens calling any number of methods of this arrays empty on this account from the current account whose key you're attached to.

So I've got keys on my tests, that account that means I can spend up to this much money calling any method on this account of, of the, the money would be drawn from the, the test, that account that it's tied to.

So that's a, that's what a function called access key is. And then the full access key is a little bit simpler and it's structured with is basically it's just a nonce that keeps track of how many times the key keys been used in order to disambiguate multiple calls subsequent calls, if they're, they're all being kind of dealt with in an end pool at the same time.

And then the full access key lets you do any of the of the actions, the primitive actions on here. So the command is actually pretty straightforward near keys and and then and, and then the, the the accountant if we wanted to, we could change the environment can main that.

And then ask for cues on some other accounts and again because this is all public you can do this for any account anywhere and see sort of what accounts people have been using and how much they've been using them.

That might be an interesting project actually, to do a little bit of discovery to see, you know, for a given number of accounts or what applications are they using and and you know, how much of their original allowance that they spent call them those accounts.

So so that's what the command looks like there. This is the documentation that we found. So just right in near adopts, when we land here near CLI and then right at the top near keys we can see this, the command and then the response that we get for full access and for function, call access keys, two kinds of access keys.

Here's an example where the function call access key has been limited to just this one method on this receiver. And so that would constrain what methods you can call if it's an empty array, as you saw on the previous examples in the terminal here, then you can call any methods a little bit more about access keys with full access keys.

You can call eight all AWS actions create an account maybe a sub account. In that case of your account, you can delete the account for which you have a full access fee.

You can add a key to it, delete a key from it, deploy a contract to it, call a function, assuming there's a contract there transfer near tokens from that account to any other kind of your choice and stake those tokens, which take any tokens that are on that account.

So those are the eight primitive actions that you can do and the full access key lets you do all of those functions, all access key has an allowance or receiver ID and then method names as we discussed earlier.

So that's the idea of these keys. If we look at the implementation in your CLI, we'll see the near keys command pretty straightforward you know, just the account ID is the argument here that you need.

And then it calls this function here, which is again, pretty straightforward, just connecting to the network hydrating the account and then calling get access to ease on that account and then printing those access keys out with some formatted response.

So that's how that works. Let's take a look behind this, get access key methods in near API JS actually. And so so here in near API JS, I'm in the account lid and in fact I want to be in the sorts looking at the account and the method I'm looking for is get access keys.

Okay, here it is. And the reason that I want to be in the source folder is because your API jets is a TypeScript library.

So the source folders for the TypeScript is every other folder basically is generated there, including the lip full rows in.

So this is the implementation of get access speeds. You can see that you're, it is connecting to the adjacent RPC API calling this view access key list you know, as part of the query method, this is the parameter that it sends passes in the account ID and then chooses optimistic finale to respond quickly.

And then it just goes back and kind of response and returns that response. So pretty straightforward here, API JS, just a proxy for the RPC API, which we can also find in the documentation under API.

We have here you access key list and this is the query that we're running and then here's what the sample response might look like.

And in this case, you can see there are a bunch of functional call access, keys, these kind of bigger structures and then full access keys, these smaller bits.

So that's all the way from using near CLI to discover keys through the implementation of near CLI. How does this to the near API JS connection.

And then finally the Jason RPC API that new API JS is rapping that's touching all the way through the API.

So from the RPC call in your API JS JavaScript wrapper to near CLI implementation the command and then the usage from the front end, hopefully that's all.