Identity Module
Zenrock's Identity Module is responsible for identity management on Zenrock. There are currently two objects that are stored and managed using this module: Keyrings & Workspaces.
Keyrings
Keyrings represent off-chain systems that provide keys and signatures. One example of this is the Zenrock MPC system.
Keyrings have a distinct address. This is used to select the keyring when performing key and signature requests.
Keyrings also define how many parties are involved. Only parties inside the keyring object are eligible to broadcast responses on-chain.
Lastly, a keyring provider can set the costs that occur for each key and signature request.
Workspaces
Workspaces allow users (workspace owners) to manage sets of keys. This allows key rotation and decouples the risk from managing wallets through one single account.
Apart from having associated keys, workspace settings also define policies for admin and signature tasks.
Policies define governance of the workspace. They typically specify which combination of accounts must provide approval for a signature to be considered valid.
Policies also provide a governance structure for workspace changes and can be used to prevent giving a single account full control over the workspace.