In keeping with our vision for user-owned authentication, we expended a lot of effort to get wallet based login to work -- a hefty feat in mobile.
AllSpark uses Web3Auth to create a public private key pair. The newly created / already existing wallet is associated with your preferred social login account. The sensitive application data is then encrypted in-device with a key derived from your wallet.
In the near future the wallet login will allow us to do a few exciting things:
- Direct blockchain rewards to your account.
- Wallet phrase based login
- Wallet connect integration once we have replacement protocols for eth_getEncryptionPublicKey
- Wallet connect APIs for generating a similar flow.
Since an application is in an untrusted space, it creates a challenge for correctly setting up any form of authentication gates. In AllSpark the idea is that authentication is just the capability to decrypt the database (have access to decryption key from touchId or provision device with Web3Auth private key.
Web3Auth provided a working solution after attempting and failing with a few different providers. The focus for dapps seems to create a selection bias for browser based login.
1) Rownd.com
2) Magic.link
3) Moralis
4) stych
In a follow up post we will discuss our future plans and a more detailed write up with the issues encountered with these providers.
Best,
-Yonz
Top comments (0)