Customauth: onboarding and signing
Context
This merge request implements the ability for the user to onboard on umami using Torus's CustomAuth, and to sign transactions using the same system. Torus is a blockchain storing relations between authentification providers (google, twitter, etc) and secret keys.
This relationships is stored in a map that we created on Torus to store our users data. Each app uses it's own map, thus, credentials are not shared between wallets. However, we decided to share Kukai's map to those users switch between wallets. We originally planned to handle as much provider as possible. However, this is tedious, and also Kukai only provided us with the Google provider map for now. In the future, we will handle more providers.
Technical details
Maps storing credentials are called verifiers
. Our verifiers are described in CustomAuthVerifiers
and in the commit verifiers
.
There is only one important function used from CustomAuth, triggerAggregateLogin
, which is use both for
initial onboarding and operation signing: each time a user want to run a transfer, the popup opens and asks they to authenticate with the given provider.
State of the implementation
providers verifiers testnet (account + verifier)
-
Google
providers verifiers mainnet
-
Google
Features
-
Onboarding -
Signing with CustomAuth -
Accounts icons on account views -
Accounts icons in Send form and Confirmation modal (Sender account and Recipient account) -
Provider icons on onboarding
Bugs:
-
No such file when the first account is customauth (forgot to create dir probably) -
No secret found when deleting the last account and this account is customauth
fixes #236 (closed)
Mockups here