Each time the user logs in we need to unlock the wallet stored in their browser so that it can be used to sign attestations on their behalf. This is accomplished using a deterministic schema by which the client and server each generate a component of the password without revealing their secret to the other party (client and server).
Improvements:
[ ] Register the wallet address by user on the server.
[ ] Require that the same wallet address cannot be associated with multiple users.
[ ] Generate a random string for each registered wallet and store it on the server.
[ ] Include the random string in the wallet token returned by the server.
Each time the user logs in we need to unlock the wallet stored in their browser so that it can be used to sign attestations on their behalf. This is accomplished using a deterministic schema by which the client and server each generate a component of the password without revealing their secret to the other party (client and server).
Improvements: