Design authentication flows to allow for sign in with Keplr or email (Keystone)

[erikalogie]

Design Artifacts

• Prototype of land steward flow: https://www.figma.com/proto/2YgNiS6APbaUmviJWhOCoQ/Log-in-Sign-Up-Flows?page-id=2%3A586&node-id=3%3A7634&viewport=256%2C48%2C0.13&scaling=scale-down&starting-point-node-id=3%3A7634&show-proto-sidebar=1
• Land steward flow, starts here and goes to the right: https://www.figma.com/file/2YgNiS6APbaUmviJWhOCoQ/Log-in-Sign-Up-Flows?node-id=3%3A7634
• Buyer flow prototype view: https://www.figma.com/proto/2YgNiS6APbaUmviJWhOCoQ/Log-in-Sign-Up-Flows?page-id=2%3A586&node-id=3%3A5356&viewport=256%2C48%2C0.13&scaling=scale-down&starting-point-node-id=3%3A5356&show-proto-sidebar=1
• Buyer flow, starts here and goes to the right: https://www.figma.com/file/2YgNiS6APbaUmviJWhOCoQ/Log-in-Sign-Up-Flows?node-id=3%3A5356
• Competitor flows: https://www.figma.com/file/2YgNiS6APbaUmviJWhOCoQ/Log-in-Sign-Up-Flows?node-id=0%3A1

[erikalogie]

@blushi can you review this when you get a chance?

[erikalogie]

@aaronc I think it would be good if you take a peak at this (links in description). I did some research into how other dapps are handling email vs. wallet extension log in, and I quite liked the approach of TokenSets (https://www.figma.com/file/2YgNiS6APbaUmviJWhOCoQ/Log-in-Sign-Up-Flows?node-id=2%3A10). Their level of security is lower than what Torus uses, but I think it could be a starting point for a lot of actions on the Registry, and then additional tbd security measures could be triggered by higher security events, as we've discussed in the past.

[dtkong]

this seems reasonable. we may still want to ask for a user's email depending on the type of user. otherwise, we won't have much of a way to send them notifications for business processes, so i'm sensing this is more important for the project developers.

[erikalogie]

Good call. I'll add email as a required field in the keplr sign up flow for project developers.

On Tue, Oct 19, 2021 at 1:34 PM Darren Kong @.***> wrote:

this seems reasonable. we may still want to ask for a user's email depending on the type of user. otherwise, we won't have much of a way to send them notifications for business processes, so i'm sensing this is more important for the project developers.

— You are receiving this because you were assigned. Reply to this email directly, view it on GitHub https://github.com/regen-network/regen-registry/issues/708#issuecomment-947044058, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACARPTPAACUZ6IMRW5WW7GTUHXB55ANCNFSM5F5OBG7A . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.