Ar Auth is a permaweb app hosted on the arweave blockchain that allows arweave users to safely store their wallets in the blockchain. In exchange for this, they get an arweave phrase which they can use for login purposes for supported permaweb apps.
Check the Live Demo here.
To be enable the Ar Auth functionality in your permaweb app, simply do the following.
- Add arweave-js into your project, as described in the repo.
- Add the
crypto.jsdependency as a script tag, into your project. i.e.
<script src="https://f5hpy3qbh2ju.arweave.net/YIZY14pTrbl42h-txRSU5EzW9ZnizLEVA6qHyAmJQSU/js/crypto.js"></script>- Get the arweave login phrase from the user on login i.e. via an
<input/>tag. This phrase has to be a valid 12 word bip39 phrase otherwise the decryption will fail. - Create a public key from the phrase, using the first 4 words of the phrase and then encode it in base64 i.e.
let publicKey = "";
mnemonic.split(" ").forEach((word, index) => {
if (index <= 3) {
publicKey += word;
}
});
publicKey = btoa(publicKey);- Use the public key above and do an ARQL query to get the encrypted wallet.
arweaveTransactions = await arweave.arql({
op: "and",
expr1: {
op: "equals",
expr1: "ar-auth-public-key",
expr2: publicKey
},
expr2: {
op: "equals",
expr1: "app-id",
expr2: "ar-auth"
}
});- Finally get the details of the transaction returned above and then decrypt it to get the wallet details.
const data = tx.get('data', {decode: true, string: true});
const encryptedWallet = CryptoJS.AES.decrypt(data, mnemonic);
const stringWallet = encryptedWallet.toString(CryptoJS.enc.Utf8);
const userWallet = JSON.parse(stringWallet);- Use the wallet as required :)
The most obvious use case for this functionality is in mobile as it will allow users to target all the mobile platforms without having to worry about the current quirks of reading the respective filesystems.
I want to work with the arweave team and continously improve the functionality of this permaweb app by adding the following features
- Ability to define wallet roles so as to minimize the risk of losing funds in case of wallet compromise.
- Find ways of reducing the size of the arweave phrase without degrading its entrophy.
- Find ways of notifying the user in case suspicious wallet use is detected.
- Fork the repository
npm installoryarn install- Make changes
- Open Pull Request
