Identity Provider - Brainstorming
Created by [Bobinson Bobby]
Facilitator
@Bobinson Bobby
Participants
@Prabhjot Singh @Satyanarayana Koneru
Brainstorm date
Jun 11, 2020
Video conference link
Brainstorm planning
Goals of the brainstorm
Finalize the requirements for the Identity provider
Participant instructions
Compare existing Identity / SSO providers
Brainstorm pre-work & ideas
SSO document prepared by @Prabhjot Singh in 2019
HiveSigner
Scatter
Study Reference Architectures for dApps
Problem Statement
One of the challenges everyone in the blockchain space agrees on and faces is the lack of standards for sign-in, for interaction between wallets, and for an SSO mechanism similar to OpenID (Janrain version), which later got extended to OAuth. Needless to say, the blockchain space doesn't even have something similar to a simple Gravatar system.
In the context of SSO, a few of the things we are trying to do are:
For a user with Twitch/Facebook account, it should be easy to sign up for a Peerplays account
Once a user owns, say, EOS or Bitcoins, she should be able to easily sign up for or use Peerplays without going through the entire cycle of account creation, etc.
Our target market uses additional apps like STEAM, Discord & YouTube gaming (& there could be betting related apps).
The objective of the SSO is to provide a simpler mass onboarding mechanism for people with or without blockchain accounts to start participating in various public blockchains. An SSO service like Bitpass can have a massive impact on the blockchains. Graphene-based chains (Bitshares, SCORUM, STEEM & EOS), Bitcoin & Ethereum should be considered as our target blockchains. While storing private keys and "Brain Keys" should not be allowed, we can store tokens like JWTs with an expiry against private keys and store them in a secure database. The database will be encrypted at rest, and in transit using TLS, to ensure safety. In a nutshell, we can store a mapping between private-key-derived, time- and URL-bound unique tokens and various services.
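One way to read the token mapping described above, as an added example that is not the project's own code: the wallet derives an opaque token from the private key with HMAC (a stand-in for the JWT the text mentions), and the provider stores only a hash of it with the bound URL and expiry. The names `derive_token`, `TokenStore`, `MAX_TTL` and the `sso-token-v1` label are assumptions, as is registration happening over an already authenticated session.

```python
import hashlib
import hmac
import time

MAX_TTL = 3600  # assumed policy: the IdP refuses tokens living longer than 1 hour


def derive_token(private_key: bytes, service_url: str, expires_at: int) -> str:
    """Wallet side: derive a token bound to one URL and one expiry time."""
    # Domain-separated subkey, so the raw signing key is never used as the MAC key.
    subkey = hmac.new(private_key, b"sso-token-v1", hashlib.sha256).digest()
    msg = f"{service_url}\n{expires_at}".encode()
    return f"{expires_at}." + hmac.new(subkey, msg, hashlib.sha256).hexdigest()


class TokenStore:
    """IdP side: maps SHA-256(token) -> (account, URL, expiry); holds no keys."""

    def __init__(self):
        self._rows = {}

    @staticmethod
    def _digest(token: str) -> str:
        return hashlib.sha256(token.encode()).hexdigest()

    def register(self, account, service_url, token, now=None) -> bool:
        now = int(time.time()) if now is None else now
        try:
            expires_at = int(token.split(".", 1)[0])
        except ValueError:
            return False
        if not now < expires_at <= now + MAX_TTL:
            return False  # already expired, or lifetime above policy
        self._rows[self._digest(token)] = (account, service_url, expires_at)
        return True

    def verify(self, token, service_url, now=None):
        now = int(time.time()) if now is None else now
        row = self._rows.get(self._digest(token))
        if row is None:
            return None  # unknown token
        account, bound_url, expires_at = row
        if now >= expires_at:
            del self._rows[self._digest(token)]  # purge expired mapping
            return None
        if bound_url != service_url:
            return None  # token replayed against a different service
        return account
```

Because the provider cannot recompute the HMAC without the key, the token acts as a bearer secret: a leaked database exposes only digests, but the token itself still has to be protected in transit.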
Further use cases: KYC similar to Passport from Telegram, create discord bots, Telegram bots, Access Twitch widgets
The wallet
Similar to the chains and services, there is also a challenge with numerous wallet implementations and no clear, unified mechanism for the dApps to interact with wallets. In the case of lesser-known blockchain projects, it is important to get noticed by software wallets like Exodus and hardware wallets like Ledger. We would essentially expose a mechanism for the wallets and dApps to integrate with us and also act as signature providers.
The Transit API is one such example.
https://medium.com/eos-new-york/the-transit-api-connecting-dapps-signature-providers-5d816c056f7f
Along with the wallet, if we can also consider an extension of Transit API for Peerplays, that will be a great achievement.
The combination of SSO and wallet implementation with a Transit API-like interface will help us to onboard "masses" & safely interact with Peerplays via various dApps.
Thoughts and ideas are welcome!
Brainstorm outcomes
In a large dApp like peaked.com or StreamersEdge.com, an identity provider that can help end users sign transactions is helpful to isolate the authentication and authorization functionalities from the application business logic.
We will have to provide easy account creation using existing social accounts like Facebook, Twitter, etc., as opposed to expecting users to be blockchain savvy. This would mean that the identity provider component should store the MASTER_PASSWORD or the generated keys and lease them to the dApps as and when needed.