Principal
A principal is a cryptographic identifier used to describe the source or destination of a message.
Representation
Binary
A principal consists of a variable-length byte array. The last byte is used to indicate the type. The table below gives the type inferred from the last byte.
| Byte | Type |
| none | Management |
0x01
|
Opaque |
0x02
|
Self-Authenticating |
0x03
|
Derived |
0x04
|
Anonymous |
0x05
|
Unassigned |
Textual
A principal is shown in textual format by prepending it with its CRC-32 value in big-endian byte order, applying Base32 encoding without padding, grouping characters by length five, and separating them by a hyphen. The table below gives some common principals.
| Principal | Description |
|---|---|
aaaaa-aa
|
management canister |
rrkah-fqaaa-aaaaa-aaaaq-cai
|
governance canister |
ryjl3-tyaaa-aaaaa-aaaba-cai
|
ledger canister |
tdb26-jop6k-aogll-7ltgs-eruif-6kk7m-qpktf-gdiqx-mxtrf-vb5e6-eqe
|
network nervous system |
2vxsx-fae
|
anonymous user |
Types
There are several types of principals.
Management
The management principal is used to reference the management canister.
Opaque
An opaque principal is used to reference any canister that is not the management canister.
Self-Authenticating
A self-authenticating principal is used to reference a subnet or user.