1.0.1 • Published 3 years ago
@greymass/webauthn v1.0.1
eosio-webauthn
Helpers for creating WebAuthn PublicKeys and Signatures using @greymass/eosio.
Installation
The @greymass/webauthn
package is distributed as a module on npm.
yarn add @greymass/webauthn
# or
npm install --save @greymass/webauthn
Usage
import {createPublic, createSignature} from '@greymass/webauthn'
// create credentials
const credentials = await navigator.credentials.create({
publicKey: {
// Your website domain name and display name
// note that your website must be served over https or signatures will not be valid
rp: {id: 'greymass.com', name: 'Greymass Inc.'},
user: {
// any old bytes(?)
id: new Uint8Array([0xbe, 0xef, 0xfa, 0xce]),
// username, usually the users account name but doesn't have to be
name: 'teamgreymass',
// will be displayed when the user asks to sing
displayName: 'Team Greymass @ Jungle 3 TestNet',
},
// don't change this, eosio will only work with -7 == EC2
pubKeyCredParams: [{
type: 'public-key',
alg: -7,
}],
timeout: 60000,
// can be any bytes, more than 16 or some browser may complain
challenge: new Uint8Array([
0xbe, 0xef, 0xfa, 0xce, 0x22, 0xbe, 0xef, 0xfa, 0xce, 0xbe, 0xef, 0xfa, 0xce,
0xbe, 0xef, 0xfa, 0xce, 0x22, 0xbe, 0xef, 0xfa, 0xce, 0xbe, 0xef, 0xfa, 0xce,
]).buffer,
},
});
const publicKey = createPublic(credentials.response)
// make sure to persist credentials.id somewhere or you will not be able to sign again with this key!
// ... create or update an existing eosio account to use the new key as a key auth ...
// ... create a transaction using @greymass/eosio ...
const transactionDigest = transaction.signingDigest(myChainId)
// sign transaction
const assertion = await navigator.credentials.get({
publicKey: {
timeout: 60000,
// credentials we created before
allowCredentials: [
{
id: credentials.rawId,
type: 'public-key',
},
],
// the transaction you want to sign
challenge: transactionDigest.array.buffer,
},
})
const signature = createSignature(publicKey, assertion.response)
const signedTransaction = SignedTransaction.from({...transaction, signatures: [signature])
/// ... broadcast your signed transaction to the network ....
Developing
You need Make, node.js and yarn installed.
Clone the repository and run make
to checkout all dependencies and build the project. See the Makefile for other useful targets. Before submitting a pull request make sure to run make format
.
Made with ☕️ & ❤️ by Greymass, if you find this useful please consider supporting us.