# KeyAuthorization.from

Converts a Key Authorization object into a typed [`KeyAuthorization.KeyAuthorization`](/tempo/reference/KeyAuthorization/types#keyauthorization).

Use this to create an unsigned key authorization, then sign it with the root key using [`KeyAuthorization.getSignPayload`](/tempo/reference/KeyAuthorization/getSignPayload) and attach the signature. The signed authorization can be included in a [`TxEnvelopeTempo.TxEnvelopeTempo`](/tempo/reference/TxEnvelopeTempo/types#txenvelopetempo) via the `keyAuthorization` field to provision the access key on-chain.

[Access Keys Specification](https://docs.tempo.xyz/protocol/transactions/spec-tempo-transaction#access-keys)

## Imports

:::code-group
```ts [Named]
import { KeyAuthorization } from 'ox/tempo'
```

```ts [Entrypoint]
import * as KeyAuthorization from 'ox/tempo/KeyAuthorization'
```
:::

## Examples

### Secp256k1 Key

Standard Ethereum ECDSA key using the secp256k1 curve.

```ts twoslash
import { Address, Secp256k1, Value } from 'ox'
import { KeyAuthorization } from 'ox/tempo'

const privateKey = Secp256k1.randomPrivateKey()
const address = Address.fromPublicKey(
  Secp256k1.getPublicKey({ privateKey })
)

const authorization = KeyAuthorization.from({
  address,
  chainId: 4217n,
  expiry: 1234567890,
  type: 'secp256k1',
  limits: [
    {
      token: '0x20c0000000000000000000000000000000000001',
      limit: Value.from('10', 6)
    }
  ]
})
```

### WebCryptoP256 Key

```ts twoslash
import { Address, WebCryptoP256, Value } from 'ox'
import { KeyAuthorization } from 'ox/tempo'

const keyPair = await WebCryptoP256.createKeyPair()
const address = Address.fromPublicKey(keyPair.publicKey)

const authorization = KeyAuthorization.from({
  address,
  chainId: 4217n,
  expiry: 1234567890,
  type: 'p256',
  limits: [
    {
      token: '0x20c0000000000000000000000000000000000001',
      limit: Value.from('10', 6)
    }
  ]
})
```

### Attaching Signatures (Secp256k1)

Attach a signature to a Key Authorization using a Secp256k1 private key to authorize another Secp256k1 key on the account.

```ts twoslash
import { Address, Secp256k1, Value } from 'ox'
import { KeyAuthorization } from 'ox/tempo'

const privateKey = '0x...'
const address = Address.fromPublicKey(
  Secp256k1.getPublicKey({ privateKey })
)

const authorization = KeyAuthorization.from({
  address,
  chainId: 4217n,
  expiry: 1234567890,
  type: 'secp256k1',
  limits: [
    {
      token: '0x20c0000000000000000000000000000000000001',
      limit: Value.from('10', 6)
    }
  ]
})

const rootPrivateKey = '0x...'
const signature = Secp256k1.sign({
  payload: KeyAuthorization.getSignPayload(authorization),
  privateKey: rootPrivateKey
})

const authorization_signed = KeyAuthorization.from(
  authorization,
  { signature }
)
```

### Attaching Signatures (WebAuthn)

Attach a signature to a Key Authorization using a WebAuthn credential to authorize a new WebCryptoP256 key on the account.

```ts twoslash
// @noErrors
import {
  Address,
  Value,
  WebCryptoP256,
  WebAuthnP256
} from 'ox'
import {
  KeyAuthorization,
  SignatureEnvelope
} from 'ox/tempo'

const keyPair = await WebCryptoP256.createKeyPair()
const address = Address.fromPublicKey(keyPair.publicKey)

const authorization = KeyAuthorization.from({
  address,
  chainId: 4217n,
  expiry: 1234567890,
  type: 'p256',
  limits: [
    {
      token: '0x20c0000000000000000000000000000000000001',
      limit: Value.from('10', 6)
    }
  ]
})

const credential = await WebAuthnP256.createCredential({
  name: 'Example'
})

const { metadata, signature } = await WebAuthnP256.sign({
  challenge: KeyAuthorization.getSignPayload(authorization),
  credentialId: credential.id
})

const signatureEnvelope = SignatureEnvelope.from({
  // [!code focus]
  signature, // [!code focus]
  publicKey: credential.publicKey, // [!code focus]
  metadata // [!code focus]
})
const authorization_signed = KeyAuthorization.from(
  authorization,
  { signature: signatureEnvelope } // [!code focus]
)
```

## Definition

```ts
function from<authorization, signature>(
  authorization: authorization | KeyAuthorization,
  options?: from.Options<signature>,
): from.ReturnType<authorization, signature>
```

**Source:** [src/tempo/KeyAuthorization.ts](https://github.com/wevm/ox/blob/main/src/tempo/KeyAuthorization.ts#L1190)

## Parameters

### authorization

* **Type:** `authorization | KeyAuthorization`

A Key Authorization tuple in object format.

### options

* **Type:** `from.Options<signature>`
* **Optional**

Key Authorization options.

#### options.signature

* **Type:** `SignatureEnvelope | signature`
* **Optional**

The [`SignatureEnvelope.SignatureEnvelope`](/tempo/reference/SignatureEnvelope/types#signatureenvelope) to attach to the Key Authorization.

## Return Type

The [`KeyAuthorization.KeyAuthorization`](/tempo/reference/KeyAuthorization/types#keyauthorization).

`from.ReturnType<authorization, signature>`
