storacha / w3up

⁂ w3up protocol implementation
https://github.com/storacha-network/specs

Client should setup space recovery when it creates one #945

Open Gozala opened 1 year ago

Gozala commented 1 year ago

Right now our clients create a space and delegate all capabilities to the agent, which later delegates them to the account.

This has the problem that access to the space can be permanently lost if the agent gets compromised.

What we should do instead is set up a recovery plan on space creation. I think we can offer them to provide an account email so that it has full privileges for the account.

We can also follow the established cow path in the space and also ask the user to write down a set of phrases from which the space key can be derived.

By doing both we will ensure that the user will never lose access to their space.

Gozala commented 1 year ago

So here is how things work today

```
w3 space create
did:key:z6MkqneEnjm67escdX9mXRniyh3habma5CvDMNRXpz78wvKy

w3 space register gozala@...
⁂ space registered to gozala@...

w3 up /Users/gozala/Downloads/w3-aggregation.svg
  1 file 0.2MB
⁂ Stored 1 file
⁂ https://w3s.link/ipfs/bafybeig6klboqjlqq55hbtx3xvsqqjvnopcluwj6jhn5ctqtgcet45qwtu
```

Here is how I suggest they work in the future


```
w3 space create ⏎
⁂ did:key:z6MkqneEnjm67escdX9mXRniyh3habma5CvDMNRXpz78wvKy

⚠️ Here is your unique paper key, which will allow you to recover access to the created space on a different device in case access to all other devices are compromised. This is the only time you'll see this so be sure to write it down and then hit enter

seven physical orange dash island village scatter together recycle echo ladder cash response become aim desert desk advice axis gown unfold reduce plate rifle

⏎
⁂ Just to be sure you got it right, please enter or paste the paper you have saved and then hit enter

....
⏎
⁂ We recommend delegating full access to this space to your email address, which will allow you to gain access to the space using simple email authorization and without a paper key. If you exit now recovery email will not be setup and you will need to use paper key to authorize on a new device. Please enter email address you wish to authorize and hit Enter or hit Enter to use gozala@....com
⏎
⁂ New space is created, but it does not yet have any storage capacity. You can hit Enter to provision this space with gozala@...m account. You can also exit now and arrange storage later by running `w3 space provision` command.
⏎
⁂ Your new space is all set and ready to store content
...
```

alanshaw commented 1 year ago

LGTM, although as discussed before please ensure parameters exist for non-interactive use cases.

How do we use paper key to authorize on a new device?

Gozala commented 1 year ago

> How do we use paper key to authorize on a new device?

```
space recover did:key:zMySpace
⁂ Please enter or paste the paper key displayed during space creation and press Enter key
ℹ️ We will not store this key, but we will use it to delegate access to w3 on this device

# User pastes the key

✨ Space has been added
```

We could also fold it under space add if we wanted to
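
The paper-key recovery described in the comments above, as an added example that is not part of the thread or the w3up code base: a phrase is stretched into an Ed25519 seed, the space `did:key` is re-derived, and recovery is refused unless it matches the space being recovered. The function names, the sample phrase and the use of the BIP-39 seed function truncated to 32 bytes are assumptions of this example; it does no wordlist or checksum validation.

```javascript
// Added example: names and derivation scheme are assumptions, not w3up's code.
const crypto = require('node:crypto')

// PKCS#8 DER header for a raw 32-byte Ed25519 seed (RFC 8410).
const PKCS8_ED25519 = Buffer.from('302e020100300506032b657004220420', 'hex')
const B58 = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'

// base58btc as used by did:key (input here never starts with a 0x00 byte).
function base58btc(bytes) {
  let n = BigInt('0x' + Buffer.from(bytes).toString('hex'))
  let out = ''
  while (n > 0n) { out = B58[Number(n % 58n)] + out; n /= 58n }
  return out
}

// Normalize what the user typed: NFKD, lower case, single spaces.
const normalize = (phrase) =>
  phrase.normalize('NFKD').trim().toLowerCase().split(/\s+/).join(' ')

// Paper key -> Ed25519 key pair. The stretch is the BIP-39 seed function
// (PBKDF2-HMAC-SHA512, 2048 rounds, salt "mnemonic"); taking the first
// 32 bytes as the Ed25519 seed is this example's assumption.
function deriveSpace(phrase) {
  const seed = crypto
    .pbkdf2Sync(normalize(phrase), 'mnemonic', 2048, 64, 'sha512').subarray(0, 32)
  const der = Buffer.concat([PKCS8_ED25519, seed])
  const privateKey = crypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' })
  const publicKey = crypto.createPublicKey(privateKey)
  const raw = publicKey.export({ format: 'der', type: 'spki' }).subarray(-32)
  // multicodec ed25519-pub (0xed 0x01) + raw key, multibase prefix "z"
  const did = 'did:key:z' + base58btc(Buffer.concat([Buffer.from([0xed, 0x01]), raw]))
  return { did, privateKey, publicKey }
}

// Recovery on a new device: accept the phrase only if it re-derives the DID
// of the space being recovered, so a mistyped word cannot yield a wrong key.
function recoverSpace(expectedDid, enteredPhrase) {
  const space = deriveSpace(enteredPhrase)
  if (space.did !== expectedDid) throw new Error('paper key does not match ' + expectedDid)
  return space
}

// Constructed sample phrase (not a real paper key).
const PAPER_KEY = 'alpha bravo charlie delta echo foxtrot golf hotel india juliet kilo lima'
const created = deriveSpace(PAPER_KEY)
const recovered = recoverSpace(created.did, '  Alpha bravo  CHARLIE' + PAPER_KEY.slice(19) + '\n')
// A signature made with the recovered key verifies under the original space key.
const sig = crypto.sign(null, Buffer.from('space/recover'), recovered.privateKey)
console.log(created.did, crypto.verify(null, Buffer.from('space/recover'), created.publicKey, sig))
```
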

Gozala commented 1 year ago

Created an event diagram

```mermaid
stateDiagram-v2

mnemonic: ⁂ Save this key 📜
verify: ⁂ Enter saved key
confirm_email: ⁂ Confirm by clicking link in email
state has_account <<choice>>

[*] --> mnemonic: > w3 create stuff
mnemonic --> verify
verify --> has_account: is authorized ?

has_account --> authorize_with: Yes
authorize_with: ⁂ Provision with alice@web.mail ?

state authorize_with_proceed <<choice>>
authorize_with --> authorize_with_proceed
authorize_with_proceed --> recovery: Yes
authorize_with_proceed --> [*]: No

has_account --> want_provision: No

want_provision: ⁂ Want to provision space ?
state want_provision_choice <<choice>>

want_provision --> want_provision_choice
want_provision_choice --> [*]: No
want_provision_choice --> authorize: Yes

authorize: ⁂ What is your email address ?
authorize --> authorization
authorization: > alice@web.mail
authorization --> confirm_email
confirm_email --> recovery

recovery: ⁂ Setup recovery with alice@web.mail ?

state recovery_choice <<choice>>

recovery --> recovery_choice

recovery_choice --> setup_default_recovery: Enter
recovery_choice --> done: Exit
recovery_choice --> setup_custom_recovery: bob@web.mail

setup_default_recovery: ⁂  Delegating access to alice@web.mail
setup_custom_recovery: ⁂  Delegating access to bob@web.mail

setup_default_recovery --> done
setup_custom_recovery --> done

done: ✨ Space is ready
```

Gozala commented 1 year ago

PR tackling this https://github.com/web3-storage/w3up/pull/1046

alanshaw commented 1 year ago

Would be good to get an example of what this looks like in code using the w3up-client :)

Gozala commented 1 year ago

> Would be good to get an example of what this looks like in code using the w3up-client :)

Here is the test that shows the above workflow in code with the w3up client:

https://github.com/web3-storage/w3up/blob/3cbce6745fa94679e8e15e5801df492853d9fa1b/packages/w3up-client/test/account.test.js#L109-L143