Explore public key based auth in Go

[xaur]

We have projects that use legacy email-based registration and authentication: dcrstakepool, Politeia and the upcoming contractor-mgmt. We might have new projects (#26, #38, DEX server) that will also continue the legacy tradition if nothing new is found.

Explore Go libraries that can be used to build browser authentication using PKI. They might implement standards like U2F (FIDO), SQRL, or something else. In short:

• to register, provide your public key and sign server's challenge with it, server remembers your pubkey and it becomes your primary identity
• to login, sign server's challenge
• to perform certain operation with high impact, again sign server's challenge

Email must die in fire (c).

Ok, not all email, but more specifically, mandatory email to register or authenticate. Very few people run their own email servers. Email was not designed as private comm protocol.

[matthewjamesr]

Hello, was directed here. I built a proof-of-work that does just this that I ask you to look at.

https://authparty.io

I would opt to port it to nodejs most likely.

[xaur]

@matthewjamesr the issue is to explore back-end libraries written in Go, and maybe front-end ones for JavaScript. They must do PKI-based signup and auth. The site you linked says

• "Blockchain-based Authentication on Counterparty Platform".
• "Utilize your Bitcoin or Counterparty-enabled wallet to enable seamless, secure, and cross-service authentication."
• "Early Access Sale"

I don't see how it is relevant here.