I’ve had this asked a couple times, so I figured I’d write this up.
After authentication, if an application wishes to figure out the current user’s identity public key or address (non-app-specific), there’s a couple of ways to go about this.
If the user has a username – the API call /v1/names/foo.id will give you this info:
$ curl -s 'https://core.blockstack.org/v1/names/blankstein.id' | jq .
{
"address": "15GAGiT2j2F1EzZrvjk3B8vBCfwVEzQaZx",
"blockchain": "bitcoin",
"expire_block": 594441,
"last_txid": "2bcb8308165e319adc3a7eb894c2bb874f3c7c37984f3433be1a20a9ff01a227",
"status": "registered",
"zonefile": "$ORIGIN blankstein.id\n$TTL 3600\n_http._tcp URI 10 1 \"https://gaia.blockstack.org/hub/15GAGiT2j2F1EzZrvjk3B8vBCfwVEzQaZx/0/profile.json\"\n",
"zonefile_hash": "f73d5a4ce030f76618dec839404fd1b793c5f015"
}
As you can see, I get a bitcoin address for the user. But can I find a public key for that address? And can I get it for user’s without usernames?
Yes
Obtaining current user’s public key from the authentication response
The application gets an authentication response object when a user logs in. This auth response object is a JSON web token (JWT), which is signed by the user’s public key. That public key is stored in the JWT’s payload “public_keys” field. This authentication response object is stored in the userData object.
All of this can be used to obtain a user’s ECDSA public key and identity address:
var authResponseToken = blockstack.loadUserData().authResponseToken
var decodedToken = blockstack.decodeToken(authResponseToken)
var publicKey = decodedToken.payload.public_keys[0]
console.log(publicKey)
// 02a96bf05c05be19355d05366b81a552082be41ab3608710ab5cad798532d6345a
console.log(blockstack.publicKeyToAddress(publicKey))
// 15GAGiT2j2F1EzZrvjk3B8vBCfwVEzQaZx
A lot of this information will also be available in @larry’s forthcoming documentation on Blockstack’s authentication protocol.