Intercoin / Wallet

It's a secure wallet -- and you don't have to install it!
GNU General Public License v2.0
0 stars 0 forks source link

Front end: webauthn implementation #1

Open EGreg opened 1 year ago

EGreg commented 1 year ago

Research

Please visit https://webauthn.io/ to see a demo of how it works. It integrates with the built-in authentication managed by the browser and operating system, and the private keys are stored in a U2F device or -- these days very often -- in a secure enclave inside the computer or phone on which the browser is running. The actual identity is managed through the user's operating system, as it does for many other applications and people rely on every day.

Then please read the basic overview of the Web Authentication API. The challenge normally comes from a server, to be signed using the and it is the server that then validates the signature. During registration, an authenticator can provide attestation about itself, when providing a public key to be saved on the server / blockchain. Then, during authentication, the authenticator signs the challenge using the private key corresponding to the public key.

Here are more resources about WebAuthn

Implementation

  1. Implement a simple self-contained HTML page, with no external dependencies, that includes a copy of ethers.js locally inline in a Githubissues.

  2. Githubissues is a development platform for aggregating issues.