did:key:zTHROWAWAYon the channel
att = ), but MUST include the entire proof chain that will be used in the actual credential delegation later. For the consumer, this is an a priori proof that you are communicating directly with an authorized machine, that has access to at least the capabilities that you are interested in.
fct) field. Since UCANs are signed, this is used to assert that the session key came directly from the authorized user.
did:key:zALICE, encrypted with the session key. The embedded UCAN is proof that the sender does, in fact, have permissions for the account, but it does not delegate anything yet. The facts section (
fct) includes the same session key that is used to encrypt the data on this channel.
issfield) MUST match the channel's DID (i.e. the DID that you are requesting from).