feat(wallet-daemon): add new authentication method #1275
Assignees
Milestone
Comments
ksrichard
moved this to Selected for development
in Tari Digital Assets Network (DAN) backlog
ksrichard
moved this from Selected for development
to In Progress
in Tari Digital Assets Network (DAN) backlog
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Context
We must have an authentication method in wallet daemon to avoid any attacks that ends with stolen funds for example.
Proposal for authentication method
Use Webauthn (more info about the flow: webauthn.me) as an optional authentication method in wallet daemon.
This method allows us to securely do authentication on a public/private key basis. You are also allowed to use security hardware devices like Yubikey.
This method works perfectly on browser, but it needs to be working from CLI or code to call RPC methods.
Proposal for CLI
Webauthn authentication can work like we generate a simple URL that the user can open in browser, do authentication to get a token that can be pasted to the CLI prompt to make it working.
Proposal for RPC calls from code
TBD
The text was updated successfully, but these errors were encountered: