ErgoAuth: User Authentication Protocol

Author: @MrStahlfelge
Status: Implemented
Created: 25-Jan-2022
Last change: 24-Oct-2022
License: CC0
Forking: not needed

Description

This EIP defines a standard for trustless authentication of users of a wallet app and an online dApp.

Background And Motivation

dApps might want to validate that their users really are who they claim to be. This is especially useful for dApps that grant certain abilities to holders of special tokens. At the moment, proving that a user owns a token can only be done by sending the token to a depositary address. By sending the token, the user proves to have access privileges to the token.
However, sending tokens around is not always desirable. Especially for valuable tokens, users might not want to send them away, and doing two transactions (one to send the token to the depositary address, one to refund it) costs both time and transaction fees.
To overcome this, ErgoAuth proposes a way to authenticate, in a trustless manner, that users have access to certain addresses storing a box. The protocol is trustless in both directions: the users don't need to trust the dApp, because the dApp does not get access to funds or secrets, and the dApp doesn't need to trust the users or the wallet app, because it can validate the authentication keys.

ErgoAuth authentication protocol

An authentication with ErgoAuth is driven by a dApp that needs to authenticate a user.
  1. The user enters the necessary information in the dApp's UI for the dApp to know if authentication is necessary. For example, users might enter their P2PK address (or, instead of manually entering, use ErgoPay to send the address to the dApp automatically).
  2. The dApp determines that authenticating the user is needed. For this, the dApp prepares a unique message that the wallet app should sign with a user's private key, and a SigmaBoolean that the user needs to authenticate for. This might be a P2PK address wrapped in a SigmaBoolean.
  3. The dApp presents an ErgoAuth link for the user to click and open the wallet app and a QR code for mobile users to scan from within the wallet app.
  4. The wallet application parses the QR code/link data and obtains an ErgoAuthRequestUrl to fetch the actual ErgoAuthRequest data from.
  5. When the ErgoAuthRequest is obtained, the wallet presents a screen showing that a dApp wants to authenticate the user, and the address the request is for. The wallet app should also inform the user that no funds are moved and no secrets will leave the device.
  6. When the user agrees, the wallet app appends some bytes of its own to the message obtained from the ErgoAuthRequest, signs it and sends the signed message to the ErgoAuthRequest's replyToUrl. The added bytes include the host address the authentication request was fetched from, placed right after the message defined by the dApp. This way, the dApp can check that the user authenticated via the right domain and that there is no middleman.
  7. The dApp validates the signed message. When successful, it can proceed with its flow.
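As an added illustration of steps 2, 6 and 7 (example code, not from the EIP or any Ergo wallet), the exchange below uses a textbook Schnorr signature over secp256k1 as a stand-in for the wallet's Sigma proof; the dApp host name, the request field names and the set of already-used messages are assumptions made for the example.

```python
import hashlib, secrets
# secp256k1 parameters; a textbook Schnorr signature stands in for the wallet's Sigma proof
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    lam = (3 * a[0] * a[0] * pow(2 * a[1], -1, P) if a == b
           else (b[1] - a[1]) * pow(b[0] - a[0], -1, P)) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def ec_mul(k, pt):  # double-and-add scalar multiplication
    r = None
    while k:
        r, pt, k = (ec_add(r, pt) if k & 1 else r), ec_add(pt, pt), k >> 1
    return r

def challenge(R, pub, msg):  # Fiat-Shamir challenge binding nonce point, key and message
    enc = lambda pt: pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")
    return int.from_bytes(hashlib.sha256(enc(R) + enc(pub) + msg).digest(), "big") % N

def sign(priv, msg):
    k = secrets.randbelow(N - 1) + 1
    R = ec_mul(k, G)
    return R, (k + challenge(R, ec_mul(priv, G), msg) * priv) % N

def verify(pub, msg, sig):  # checks s*G == R + e*pub
    return ec_mul(sig[1], G) == ec_add(sig[0], ec_mul(challenge(sig[0], pub, msg), pub))

DAPP_HOST = b"dapp.example"  # hypothetical domain the wallet fetched the request from

def dapp_create_request(user_pub):  # step 2: unique message + SigmaBoolean (here: raw key)
    return {"sigmaBoolean": user_pub, "message": secrets.token_bytes(16)}

def wallet_sign(priv, request, fetched_from_host):  # step 6: append host, then sign
    signed = request["message"] + fetched_from_host
    return {"signedMessage": signed, "signature": sign(priv, signed)}

def dapp_validate(request, reply, used_messages):  # step 7: binding, replay, signature
    signed = reply["signedMessage"]
    if signed != request["message"] + DAPP_HOST or request["message"] in used_messages:
        return False
    used_messages.add(request["message"])
    return verify(request["sigmaBoolean"], signed, reply["signature"])
```

A reply whose appended host differs from the dApp's own domain, or that reuses a message the dApp has already accepted, fails before the signature is even checked.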

Data Formats

Wallet apps should be able to initiate ErgoAuth either via URI schemes (clickable links) or via QR codes.