spector-in-london
commented
1 year ago All, these these presentation overviews on Apache Milagro / M-Pin for context:
https://app.zenhub.com/files/647281395/b8ac1163-2958-4ea4-a91f-3eeb59b267c7/download
https://app.zenhub.com/files/647281395/fd6b90e6-bf4e-4dcc-8696-213205aad17d/download
Description
M-Pin is a multi-factor authentication protocol developed by Apache Milagro that provides strong security and user privacy while minimizing reliance on traditional password-based systems. It leverages pairing-based cryptography and the Distributed Trust Authority (DTA) concept to achieve its goals.
Every component in the system whether its Drey app or DAC (Drey Actuary Client) should contain an M-Pin client secret that enables it to multi-factor authenticate in zero knowledge to any other DAC instance. This will be over and above the Schnorr signatures that are standard part of the Nostr protocol.
Initiative / goal
Built-in multi-factor authentication is a hard requirement for financial services apps that authenticate to retrieve financial information according EU and USA laws. M-Pin enables zero knowledge multi-factor authentication for anonymous identities which is also crucial, as the Drey Actuary Client (DAC) instances should never store personally identifiable information about the Drey investor population. M-Pin enables a verified identity to use a hash of their identity characteristics concatenated together as the ID string.
Hypothesis
M-Pin solves a number of challenges for Drey Finance. It enables apps to multi-factor authenticate to DAC instances in zero knowledge, using a software only implementation.
Acceptance criteria and must have scope
All clients and DAC instances should be able to M-Pin multi-factor authenticate to any other DAC instance using M-Pin authentication.
Stakeholders
This is core tech/capability affecting all engineering, all stakeholders.
Timeline
TBC