Skip to content

Customauth: onboarding and signing

Steve Sanches requested to merge feature/customauth into develop

Context

This merge request implements the ability for the user to onboard on umami using Torus's CustomAuth, and to sign transactions using the same system. Torus is a blockchain storing relations between authentification providers (google, twitter, etc) and secret keys.

This relationships is stored in a map that we created on Torus to store our users data. Each app uses it's own map, thus, credentials are not shared between wallets. However, we decided to share Kukai's map to those users switch between wallets. We originally planned to handle as much provider as possible. However, this is tedious, and also Kukai only provided us with the Google provider map for now. In the future, we will handle more providers.

Technical details

Maps storing credentials are called verifiers. Our verifiers are described in CustomAuthVerifiers and in the commit verifiers.

There is only one important function used from CustomAuth, triggerAggregateLogin, which is use both for initial onboarding and operation signing: each time a user want to run a transfer, the popup opens and asks they to authenticate with the given provider.

State of the implementation

providers verifiers testnet (account + verifier)

  • Google

providers verifiers mainnet

  • Google

Features

  • Onboarding
  • Signing with CustomAuth
  • Accounts icons on account views
  • Accounts icons in Send form and Confirmation modal (Sender account and Recipient account)
  • Provider icons on onboarding

Bugs:

  • No such file when the first account is customauth (forgot to create dir probably)
  • No secret found when deleting the last account and this account is customauth

fixes #236 (closed)

Mockups here

Edited by Rémy El Sibaïe

Merge request reports