コンテンツにスキップ

deriveIdempotencyKey

このコンテンツはまだ日本語訳がありません。

deriveIdempotencyKey(identity, clientSecret?): string

Defined in: src/idempotency/key.ts:106

Derives the opaque wire idempotency key (Idempotency-Key header value) from a request identity. Same identity ⇒ same key.

Without a secret: keccak256(domain ‖ canonical(identity)) — no plaintext intent on the wire; forgery is bounded because a cached response is released only after the server re-verifies a presented authorization. With a clientSecret: a keccak-keyed hash keccak256(secret ‖ preimage) (Keccak/ SHA-3 is length-extension-resistant, so a prefix construction is a sound MAC; KMAC is the rigorous upgrade) — unforgeable and not correlatable across clients. The secret is optional and off the fund path: the on-chain backstop (deriveAuthorizationNonce) never depends on it.

Parameters

identity

CanonicalRequestIdentity

clientSecret?

`0x${string}`

Returns

string

Example

import { deriveIdempotencyKey } from "kawasekit/idempotency";
const key = deriveIdempotencyKey({
conversationId: "conv-42",
stepId: "3",
intent: "fetch_weather:Tokyo",
});