Lambdas can be registered with account owners as a json with Passport protocol.

The JSON has a very specific format (refer to example at the last). In this section, we will dive deep into different components of the JSON . Here is a rough overview of different components:

• Authorization - Specify who is allowed to allowed to run a lambda function using the "authorization" parameter. Options include "none" (anyone can trigger). More options will be available soon.

• Triggers - Specify how/when your lambda function gets executed. Currently two triggers are available - hook (by calling executeLambda endpoint with lambda id) or account (attach to your own account so it gets executed every time sign functions are called). You can also use array of triggers.

• Conditions - Define a list of conditions that must be met for the lambda function to generate a signature. Conditions can be of type "fetch" (external API calls) or "code" (arbitrary Deno-compatible code execution).

• Max Executions - Set the maximum number of executions allowed for the lambda function using the "max_executions" parameter. A value of 0 allows infinite executions.

• Envs - Pass arbitrary environment variables to the lambda, using the "envs" array. These variables are composable and can be accessed by using "substitution"

• Verifications - Specify the number of independent verifiers required for the condition match using the "verifications" object. Currently, it defaults to 1.

• Action - Define the signature generation process using the "actions" object. Supported types include "personal_sign" (signing hex data) and "eth_signTransaction" (signing a transaction, coming soon).

• Post Hook - Specify a list of post-processing actions to be triggered after signature generation using the "postHook" array. These actions can include sending the signature to an API, triggering alerts, or submitting transactions.

Let's dive into each component in further detail, and walk through the process of building a Lambda JSON object.

Authorization

During the registration process for a lambda function, user can define who is allowed the trigger the lambda function. Please note that, "Triggering the function" != "Execution". Execution will be governed by conditions.

Authorization can be take many values such us:

• None - Anybody can trigger lambda.

"authorization": {
    "type": "none"
}

• Self - Only owner can trigger the lambda.

"authorization": {
    "type": "self"
}

• Wallet - Only provided wallet can trigger the lambda.

"authorization": {
    "type": "wallet",
    "address": "0x10D64772Db984F63665cf64b4a1A358d377c68d1"
}

Triggers

What initiates the lambda execution. It can take the following values:

• account - Attach to your account and execute any time sign functions are called on your account

"triggers": [
  {
    "type": "account",
  }
]

• hook - Executes when called through executeLambda function/endpoint with respective lambda id.

"triggers": [
  {
    "type": "hook",
  }
]

Verification

This accounts for how many independent verifiers of your condition match must be present for action to be executed.

"verifications": {
  "count": 1
}

Max Executions

This variable controls how many times at max you wanna allow successful execution of your lambda function.

"max_executions": 1

Envs

This allows you to pass any arbitrary environment variables that you want to pass into your runtime.

"envs": ["dummy", 13, {"code": 2 }]

Conditions

Conditions govern criteria under which the lambda action is allowed to generate a signature. You can pass a combination of conditions as an array.

There are 2 important points to note:

1. You can use outputs of previous conditions in any of the following conditions.

2. Last condition must return a boolean telling the lambda whether to generate signature or not

Each condition can be one of the 2 types:

1. Fetch - Use this type of condition to do any external API call (on-chain or off-chain) and return its response as output.

{
    "type": "fetch",
    "endpoint": "http://api.xyz.com",
    "headers": {
        "content-type": "application/json"
    },
    "protocol": "GET", //can be GET,POST
    "body": {
        "count" : 1
    }, //pass whatever body content you need
    "substitution": false // whether to allow using of previous condition outputs
}

2. Code - Use this type of condition to execute any arbritrary deno compatible code (without online connectivity) and return its response as output.

{
  "type": "code", 
  "code": "return 3+5;", // pass any arbritrary multi-line code as string
  "output_type": "integer", // ignore this - not used currently
  "substitution": false // whether to allow using of previous condition outputs
}

As you see above, you can also enable substitutions. Here is an example:

[
    {
        "type": "code",
        "code": "return 3;",
        "output_type": "integer",
        "substitution": false
    },
    {
        "type": "code",
        "code": "return <<conditions.0>> === 3;", //substitution conditions.0 = output of 0th index of conditions
        "output_type": "integer",
        "substitution": true
    },
    {
        "type": "fetch",
        "endpoint": "http://api.xyz.com",
        "headers": {
            "content-type": "application/json"
        },
        "protocol": "GET", //can be GET,POST
        "body": {
            "count" : "<<inputs.0>>" //refers to the 0th input parameter passed during execution
        },
        "substitution": true 
    }
]

Actions

Actions are responsible for the signature generation process. This are the equivalent of ERC-1193 operations to be performed using your wallet. Currently, the following 2 operations are possible

1. personal_sign

"actions": {
  "type": "personal_sign",
  "check": "", //ignore not used
  "data": "0x000000", //hex data to be signed
  "substitution": false //substition support coming soon
},

2. eth_signTransaction (Coming Soon)

"actions": {
  "type": "eth_signTransaction",
  "check": "", //ignore not used
  "data": {
  }, //transaction data 
  "substitution": false //not possible at this point
}

Post Hook

After you have generated the signature, you may want to trigger any post process via an API call. This may be sending over the signature to an API, triggering a slack alert or even submitting a transaction. You can pass a list of post hooks to be triggered post signature generation.

[{
    "type": "fetch",
    "endpoint": "http://api.xyz.com",
    "headers": {
        "content-type": "application/json"
    },
    "protocol": "GET", //can be GET,POST
    "body": {
        "signature" : "<<action>>"
    }, //pass whatever body content you need
    "substitution": true // whether to allow using previous action output
}]

Example

{
    "jsonrpc": "2.0",
    "method": "lambda_new",
    "params": {
        "data": {
            "authorization": {
                "type": "none"
            },
            "verifications": {
                "count": 1
            },
            "triggers" : [
                {
                    "type": "account",
                },
                {
                    "type": "hook",
                },
            ]
            "conditions": [
                {
                    "type": "code",
                    "code": "return 3;",
                    "output_type": "integer",
                    "substitution": false
                },
                {
                    "type": "code",
                    "code": "return true;",
                    "output_type": "integer",
                    "substitution": false
                }
            ],
            "actions": {
                "type": "personal_sign",
                "check": "",
                "data": "0x000000",
                "substitution": true
            },
            "postHook": []
        }
    },
    "id": 3
}