The following are API flow charts and use cases that describe when and how Samsung Blockchain Keystore APIs can be implemented.
Use Case 1: Get the address to link to your Android app.
Use Case 2: Sign a cryptocurrency transaction.
The most common use case of checking the status of Samsung Blockchain Keystore and linking the user’s address to your Android app includes the following steps:
In your Android app, call ScwService.getInstance(). If the returned value is an instance and not null, then it means Samsung Blockchain Keystore is supported on the device. However, if null is returned, the user must use a different keystore.
Call getKeystoreApiLevel API to see if the current Samsung Blockchain Keystore is being used properly and supports the features that your Android app is currently aiming for. If the required API level is higher than the current Samsung Blockchain Keystore level, users are directed to Samsung Blockchain Keystore app page in Galaxy Store through the provided deeplink to update.
Check if a user has set up the Samsung Blockchain Keystore and is ready to use it by calling getSeedHash API. If the Seed Hash value in String is zero length, this means the user has not set up Samsung Blockchain Keystore yet. Hence, your app will need to guide the user to jump to Samsung Blockchain Keystore via deeplink to either create or import a wallet.
If the getSeedHash API returned value is not zero-length, it means that the user has successfully set up Samsung Blockchain Keystore. If there is a previously saved or cached Seed Hash value, compare the two Seed Hash values. If those two values are not equal, nor if there is no such saved cached Seed Hash value, then the address has to be checked again. If the Seed Hash value has been changed, it means the Root Seed has been changed as well, meaning the address that your Android app was linked to may no longer be the same address.
Call getAddressList API to get a list of addresses that corresponds to the HD paths given as input parameter of getAddressList API function.
Developers should store the Seed Hash value and the user’s address for further reference.
The address can be used as a user’s account to link to your Android app. Developers can check balances and transaction details with the saved user’s address.
Users can jump to Samsung Blockchain Keystore Settings page via Deeplink. In the Settings page, users can manage authentication methods, such as changing PIN or setting up a fingerprint, checking Recovery Phrase, reading notices, checking app information, asking questions, or even removing Samsung Blockchain Keystore.
Other options, such as checking whether there is a mandatory app update (checkForMandatoryAppUpdate API) or which coins are supported in the current version (getSupportedCoins API) can also be implemented.
Samsung Blockchain Keystore can be utilized to sign a cryptocurrency transaction, such as Ethereum by implementing the following steps.
Follow Steps 1-4 found in Use Case 1: Get Address to link to your Android app.
Your Android app creates an unsigned transaction, and requests Samsung Blockchain Keystore to sign the transaction via APIs like signEthTransaction or signEthPersonalMessage.
Then the user will see a transaction confirmation page on a secure screen called, a TUI executed in TEE by Samsung Blockchain Keystore.
Once the user confirms the transaction with PIN or Biometrics Authentication, like Fingerprint, Samsung Blockchain Keystore signs a transaction with the private key derived from the Root Seed stored safely in the Secure File System.
When Samsung Blockchain Keystore returns the signed transaction, your app can submit or send the signed transaction to the main network of each cryptocurrency.