I've already written by e-mail that it would take us longer than expected.
We additionally developed a Rust-based client that allows the user to log into their Gmail account, receive a JWT, paste the JWT into the client CLI, generate an ephemeral public/private keypair, generate a ZK proof using the JWT, public key and salt as inputs and send it to the collator by calling the appropriate extrinsic. Note that the outputs of the client serve as inputs to the extrinsic calls.
Unfortunately we didn't find any Polkadot SDK-compatible library that is capable of verifying the jwt signatures against the OAuth2 Authorization Server (the instance that signs the JWT). We've tried using JWT compact, RSA, Ring but none of them worked, so we decided to implement it on the client instead. Obviousely, we can't assume that the client is trustworthy, however, we see this as the first step of a possible offchain-worker-based signature validation, since std libraries are supported there. Overall, the requirements changed during the process of developing and we realized, we need to build the client first, otherwise it'd be too difficult to implement the on-chain part.
Project Abstract
Please replace these instructions with a brief description of your project summarising key points (1-2 paragraphs).
If your application is a follow-up to a previous grant, please mention which one in the first line of the abstract and include a link to previous pull requests if applicable.
[ ] I prefer the discussion of this application to take place in a private Element/Matrix channel. My username is: @_______:matrix.org (change the homeserver if you use a different one)
Hello,
I've already written by e-mail that it would take us longer than expected.
We additionally developed a Rust-based client that allows the user to log into their Gmail account, receive a JWT, paste the JWT into the client CLI, generate an ephemeral public/private keypair, generate a ZK proof using the JWT, public key and salt as inputs and send it to the collator by calling the appropriate extrinsic. Note that the outputs of the client serve as inputs to the extrinsic calls.
Unfortunately we didn't find any Polkadot SDK-compatible library that is capable of verifying the jwt signatures against the OAuth2 Authorization Server (the instance that signs the JWT). We've tried using JWT compact, RSA, Ring but none of them worked, so we decided to implement it on the client instead. Obviousely, we can't assume that the client is trustworthy, however, we see this as the first step of a possible offchain-worker-based signature validation, since std libraries are supported there. Overall, the requirements changed during the process of developing and we realized, we need to build the client first, otherwise it'd be too difficult to implement the on-chain part.
Project Abstract
Grant level
Application Checklist
project_name.md).@_______:matrix.org(change the homeserver if you use a different one)