Myd.js NPM | npm.io

Myd.js

Single Sign On and API library to be used with the Myd self sovereign identity service.

MyD is the self sovereign identity (SSI) provider for the Europechain enterprise blockchain. MyD identities can be used for sovereign personal and other data to be stored and exclusively controlled by the user. MyD nor Europechain can view or manipulate data of their users.

Developed by Gimly Blockchain Projects, commissioned by Europechain.

Install

npm i myd.js

Usage

Applications can use the MyD single sign on (SSO) features to provide an easy way to sign in, provide an identity, access the user's sovereign data vault (with explicit permission authorization from the user) and call smart contracts on the Europechain blockchain.

Users use a familiar username and password system to log in. Behind the scenes, a unique private key (EC secp256k1) is created on the client's browser which authorizes requests and encrypts data before it is sent to the MyD server. This key can also be used to control the user's MyD account directly on the Europechain blockchain. Each app using MyD SSO get a separate key scoped to their origin.

This private key is never visible to the server (sovereign authentication). The private key can be used to send digital signatures to prove their identity. The server stores the public key to do this verification. This is significantly different from traditional SSO authentication which generates and stores the same secret token on both the client and server. The main advantage of the private key model is that if there is a data breach, the user's authentication is not compromised and the user in the client must be active online to make data requests for data consent.

Using the private key

When you receive the private key in your domain's client it retains this property of being sovereign authentication. You can validate that the private key works by making a request for the user's data in the client as shown in Step 3 of the documentation.

You can send the private key received in the SSO flow to your server. At this point, the private key will lose the property of being sovereign authentication. The server should be able to make requests using the private key for the user data the same as on the client.

So should I use Myd from the client or from the server?

The system has been designed so that the user does not need to give their private key to a server. This is a security decision designed to empower the user so that they will always know when their data is being used. We have built it in a way so that you can request user data from your clients in a secure way without sending the private key to your server.

That said, sometimes it is handy to have the private key on your server. For example, if you need to make programmatic requests on behalf of the user when they are not online for their data, you would need to do this from the server. This is okay, and a decision of the developer of the application to do. But it is important to know that this compromises one of the enhanced security properties we have built, and that the application is then responsible for securely managing this private key.

SSO Sign in with myd button

See SDK Guide below for usage in development

Step 1. Signup page with "Sign up with myd" button

import React from 'react';
import Myd from 'myd.js';

// Dowload from https://unpkg.com/myd.js/dist/myd.min.css
import './myd.min.css';
  
function SignupButtonPage(props) {
    function onSignup() {
        const myd = new Myd();
        myd.signupWithMyd();
    }

    return (
        <div>
            <link href="https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@700&display=swap" rel="stylesheet" />
            <div onClick={onSignup} class="myD-link">
                Create account with <img src="https://unpkg.com/myd.js/dist/logo-short.svg" alt="" />
            </div>
        </div>
    )
}

export default SignupButtonPage;

Step 1. Login page with "Sign up with myd" button

import React from 'react';
import Myd from 'myd.js';

// Dowload from https://unpkg.com/myd.js/dist/myd.min.css
import './myd.min.css';
  
function LoginButtonPage(props) {
    function onLogin() {
        const myd = new Myd();
        myd.loginWithMyd();
    }

    return (
        <div>
            <link href="https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@700&display=swap" rel="stylesheet" />
            <div onClick={onLogin} class="myD-link">
                Login in with <img src="https://unpkg.com/myd.js/dist/logo-short.svg" alt="" />
            </div>
        </div>
    )
}

export default LoginButtonPage;

Step 3. Create a new user on myd.online and register app with myd.online

You can create in occasion here:

https://myd.online/user/my-apps

Step 4. Create auth redirect page "https://example.com/auth-redirect"

import React, { useEffect } from 'react';
import Myd from 'myd.js';

function AuthRedirectPage(props) {
    useEffect(() => {
        // useEffect() is run when the page first renders (it's a React thing, no need to do anything with this unless using React)
        async function main() {
            // This should be run when the page first renders
            const myd = new Myd();
            let user = await myd.getAuthorizedUser();
            console.log(user);

            let userProfile = await myd.userGet()
            console.log(userProfile.profile);
            
            const europechainApi = myd.blockchainAccounts.find(x => x.blockchainName === "europechain");
            const txHelloWorld = await europechainApi.transact("hello", "hi", { message: "hello world" });
            console.log(txHelloWorld);
            const txTransfer = await europechainApi.transfer(myd.euroechainAccountName, "dablockstalk", "1.0000 XEC", "Memo of transfer");
            console.log(txTransfer);
        }
        main();
    })

    return (
        <div>
            Hello
        </div>
    )
}

export default AuthRedirectPage;

SDK

/**
    Spec: Constructs a new myd object
    @arg {object} options
    @property {string} client - origin of myd client (e.g. to "http://localhost:3000" for testing)
    @property {string} server - origin of myd server (e.g. to "http://localhost:4000" for testing)
    @property {string} europechainApi - origin of Europechain API (e.g. to "http://localhost:8888" for testing)
    @property {string} waxApi - origin of WAX API (e.g. to "http://localhost:8888" for testing)
*/
constructor(options)

/**
    Spec: Sends the user to myd.online to create a new account as part of SSO flow, afterwhich they will be be redirect back to this app
*/
async function signupWithMyd()

/**
    Spec: Sends the user to myd.online to login as part of SSO flow, afterwhich they will be be redirect back to this app
*/
async function loginWithMyd();

/**
    Spec: Unpackages the user's credentials after they have signed in using the SSO workflow
    and initializes the myd instance to send calls using these credentials
    @return {object}
    @property {string} userId - Unique user ID for the logged in user
    @property {string} privKey - private key for this app for this user in WIF format
        https://en.bitcoin.it/wiki/Wallet_import_format
*/
async function getAuthorizedUser();

/**
    Spec: If requested by an application, returns the user and their decrypted data vault with fields as consented by user
    @return {object}
    @property {object} auth - Object with data related to webauthn login
    @property {object} profile
    @property {string} profile._id - unique user id
    @property {date}   created - time the user was created
    @property {object} permission - Object with information about the permission used to create the request
    @property {object} myVault - decrypted data vault with personal information
    @property {string} ecdhPubkey - Public key used to make this request
*/
async function userGet();

@infinitebrahmanuniverse/nolb-myd @everything-registry/sub-chunk-2233 @zalastax/nolb-myd

3 years ago

3 years ago

3 years ago

3 years ago

3 years ago