shivam017arora / Passwordless

Passwordless Authentication using Zero Knowledge Proof
MIT License

Scan for either Creating DID #10

Open shivam017arora opened 1 year ago

shivam017arora commented 1 year ago

Receives QR code which has:

  1. Public Key
  2. MetaData
     a. Callback URL
     b. EncryptedPassword (issuer password which was saved when issuer registered)

API Example Input:

qr: <image> (public key encoded, metadata has callback url which calls ZK server to save the requested args received and encryptedPassword of domain registered)

Send request to callback url, i.e. ZK Server, which sends:

EncryptedSecret: <string> (public key encoded **DID** (which is randomly generated)),
domainPublicKey: <string>
encryptedPassword: <string>
usersPublicKey: <string> (this is mobile app guy)

Output:

Successful, 200 (from ZK Server), which will check that domainPublicKey and encryptedPassword match the record and save the message with the mobile app user's public key.

On Device, DID is saved as user's identity which is never transmitted over the network, i.e. never leaves the phone's memory.
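
The server-side check described in the issue above, as an added Python example that is not part of the original issue or the project's own code. The four request field names come from the issue; the `ZKServer` class, its in-memory stores, and the 400/403 responses are assumptions, and `EncryptedSecret` is treated as an opaque string because only the domain's key holder can decrypt it.

```python
import hmac

# Field names as listed in the issue's request description.
REQUIRED = ("EncryptedSecret", "domainPublicKey", "encryptedPassword", "usersPublicKey")


class ZKServer:
    """In-memory stand-in for the ZK server's callback endpoint (hypothetical)."""

    def __init__(self):
        self.issuers = {}   # domainPublicKey -> encryptedPassword saved at issuer registration
        self.messages = {}  # usersPublicKey -> list of saved requests

    def register_issuer(self, domain_public_key, encrypted_password):
        self.issuers[domain_public_key] = encrypted_password

    def handle_callback(self, body):
        # Reject malformed requests before touching any stored record.
        if not isinstance(body, dict):
            return 400, "invalid body"
        for field in REQUIRED:
            value = body.get(field)
            if not isinstance(value, str) or not value:
                return 400, "missing or invalid field: " + field

        # Compare in constant time; an unknown domain is compared against an
        # empty value so both failure cases return the same answer.
        stored = self.issuers.get(body["domainPublicKey"])
        expected = (stored or "").encode()
        matches = hmac.compare_digest(expected, body["encryptedPassword"].encode())
        if stored is None or not matches:
            return 403, "issuer verification failed"

        # Save the message under the mobile app user's public key. The server
        # only ever stores the encrypted DID, never the DID itself.
        self.messages.setdefault(body["usersPublicKey"], []).append(
            {"EncryptedSecret": body["EncryptedSecret"],
             "domainPublicKey": body["domainPublicKey"]}
        )
        return 200, "Successful"


if __name__ == "__main__":
    server = ZKServer()
    server.register_issuer("domain-pk-constructed", "enc-pw-constructed")
    # Constructed sample request, not captured from the project.
    request = {"EncryptedSecret": "enc-did-constructed",
               "domainPublicKey": "domain-pk-constructed",
               "encryptedPassword": "enc-pw-constructed",
               "usersPublicKey": "user-pk-constructed"}
    print(server.handle_callback(request))
```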