Skip to main content

Benefits of Function-Call Keys

· 3 min read
Guille
Guille
Docs Maintainer

NEAR has a unique key management system that allows each account to have multiple access keys. Each of these keys can be one of two types: Full-Access Keys and Function-Call Keys.

Full-Access Keys are the traditional type of key you might be used to, which provide complete control over an account, allowing the holder to perform any action, including transferring funds, deploying contracts, and managing other keys.

On the other hand, Function Call Keys allows you to provide restricted access to third parties. This key type, unique to NEAR, enables several use-cases worth discussing.

Let's explore some of the main benefits of Function-Call Keys.

Enhancing User Experience

The most common use case for Function-Call keys is to allow an application to sign transactions on the user's behalf.

Imagine you are developing a game that records the user's score on a smart contract. On other chains, you would have to disrupt the user's experience to request transaction signatures each time the game needs to update the score.

With NEAR, you can request the user to generate a Function-Call key for the game's contract and share it with the game. This way, the game can sign transactions in the user's name, eliminating gameplay interruptions.

Sharing this key is safe for the user, because even in the case of somebody stealing it, they would only be able to call the score-keeping method, and nothing else.

Simple Onboarding

Another common use-case of Function-Call keys is to simplify the onboarding process for new users.

It works as follows:

  1. Create a contract that has a method called create_account

    • This method should only be callable by the contract itself and
    • When executed, the method should create a new account and transfer some tokens to it

  2. Add multiple Function Call Keys in the contract's account, that only allow to call create_account

  3. Give these keys to your friends! They will be able to call the method, and easily create an account with some tokens

Your main account and your funds will never be at risk, as the keys can only be used to call the create_account method.

tip

This is the basic principle behind NEAR Drops, a way to distribute assets to a large number of users

Key Rotation and Recovery

The presence of multiple keys allows for easy rotation and recovery. If you suspect a key might be compromised, you can promptly remove it or replace it with a new one, similar to changing your password on a website.

You can also establish a key-recovery contract in your account and generate a "recovery key" for a trusted party. This key would only be used to initiate the recovery process.

In case of necessity, the trusted party can trigger the recovery process, assisting in the creation of a new full-access key for you.