Skip to content

mul1sh/ar-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits

public

public

 
 

src

src

 
 

.babelrc

.babelrc

 
 

.editorconfig

.editorconfig

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

.prettierrc

.prettierrc

 
 

CHANGELOG.md

CHANGELOG.md

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

LICENSE.md

LICENSE.md

 
 

README.md

README.md

 
 

package.json

package.json

 
 

vue.config.js

vue.config.js

 
 

yarn.lock

yarn.lock

 
 

Repository files navigation

AR AUTH

Ar Auth is a permaweb app hosted on the arweave blockchain that allows arweave users to safely store their wallets in the blockchain. In exchange for this, they get an arweave phrase which they can use for login purposes for supported permaweb apps.

Check the Live Demo here.

Developers

To be enable the Ar Auth functionality in your permaweb app, simply do the following.

  1. Add arweave-js into your project, as described in the repo.
  2. Add the crypto.js dependency as a script tag, into your project. i.e.
<script src="https://f5hpy3qbh2ju.arweave.net/YIZY14pTrbl42h-txRSU5EzW9ZnizLEVA6qHyAmJQSU/js/crypto.js"></script>
  1. Get the arweave login phrase from the user on login i.e. via an <input/> tag. This phrase has to be a valid 12 word bip39 phrase otherwise the decryption will fail.
  2. Create a public key from the phrase, using the first 4 words of the phrase and then encode it in base64 i.e.
let publicKey = "";

mnemonic.split(" ").forEach((word, index) => {
    if (index <= 3) {
       publicKey += word;
    }
});
publicKey = btoa(publicKey);
  1. Use the public key above and do an ARQL query to get the encrypted wallet.
  arweaveTransactions = await arweave.arql({
	      op: "and",
		  expr1: {
		    op: "equals",
		    expr1: "ar-auth-public-key",
		    expr2: publicKey
		  },
		  expr2: {
		    op: "equals",
		    expr1: "app-id",
		    expr2: "ar-auth"
		  }
	});
  1. Finally get the details of the transaction returned above and then decrypt it to get the wallet details.
const data = tx.get('data', {decode: true, string: true});
const encryptedWallet = CryptoJS.AES.decrypt(data, mnemonic);
const stringWallet = encryptedWallet.toString(CryptoJS.enc.Utf8);
const userWallet = JSON.parse(stringWallet);
  1. Use the wallet as required :)

Use Cases

The most obvious use case for this functionality is in mobile as it will allow users to target all the mobile platforms without having to worry about the current quirks of reading the respective filesystems.

Future Changes

I want to work with the arweave team and continously improve the functionality of this permaweb app by adding the following features

  • Ability to define wallet roles so as to minimize the risk of losing funds in case of wallet compromise.
  • Find ways of reducing the size of the arweave phrase without degrading its entrophy.
  • Find ways of notifying the user in case suspicious wallet use is detected.

Contribution guide

  • Fork the repository
  • npm install or yarn install
  • Make changes
  • Open Pull Request

License

MIT

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

6 stars

Watchers

5 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages