OTP Verification
Management actions (update, list, delist, release) require one-time password verification to prove the caller controls the registered address. This is powered by ZVS - the Zcash Verification Service. For the low-level spec see OTP Protocol.
OTP verification addresses
You send the verification transaction to the ZVS address (separate from the main registry address):
| Network | Address |
|---|---|
| Testnet | utest100qlkeru5c3m5kfrwe2hsmcfzmusreaza2prdyelg2kd2tr2842nceq952vay3gpmgky09fgft4z57h4z2zqzz5rcwgd4q90u54ek5yyca4s6e6y2jja9sww27kzedzznjcupcu0svq2exvq995c0lhl5zm53g4ksnm2xuwt3snv4dgh |
| Mainnet | u1gphl7vrklduuv96kpw4eetx4vrs8nnk7w9tuzvppyuuctw0tuskkpmfulrjapr05zh78p3chpxhx3tm28qau3uwd36k94vgucpxphyv5hkg36nhvr4axeljpz04acdhc7vskg9nsxfhylcl5lnspxtkrhjzn5xaedr2ae567ks3gz24u |
The amount is 0.002 ZEC on both networks.
How it works
- The web app generates a verification memo with a unique session ID and your registered address.
- You send this memo to the ZVS address as a shielded transaction (0.002 ZEC).
- ZVS detects the transaction, computes a 6-digit OTP, and sends it back to your address as a shielded memo.
- You enter the OTP in the web app to authorize the action.
Why this exists
ZNS has no accounts or passwords. The only way to prove ownership of a name is to prove control of the Zcash address it’s registered to. OTP verification does this by requiring a transaction from that address and delivering a response to it.
For the memo grammar, HMAC derivation, and security properties, see OTP Protocol.
Last updated on