Skip to content

ARC-0031 : Authentication with Algorand accounts #160

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 39 commits into
base: main
Choose a base branch
from
Draft

ARC-0031 : Authentication with Algorand accounts #160

Changes from 1 commit
Commits
Show all changes
39 commits
Select commit Hold shift + click to select a range
8de6348
arc-0014 first version
Apr 5, 2022
d33f1ad
arc-0014 update
Apr 5, 2022
34deaba
linters fix
Apr 5, 2022
ecd70d7
review until overview
Apr 7, 2022
5755c11
review until overview (typos)
Apr 7, 2022
26e9e06
ultimated version
Apr 14, 2022
65bac9a
style fix on overview
Apr 14, 2022
2a2e7f2
style fix specs
Apr 14, 2022
f5cdda1
style fix random
Apr 14, 2022
e0cb732
typo fix
Apr 20, 2022
7c705ed
new prefix and fix on txn-auth-msg sender param
May 25, 2022
d91fadc
rename of session design section
Aug 19, 2022
3747928
removing reference to PR#41
Aug 29, 2022
886b0da
Merge branch 'main' into pr/84
SudoWeezy Sep 9, 2022
1f088af
updating to match ARC-0 convention
SudoWeezy Sep 9, 2022
1401c2d
fix broken link
SudoWeezy Sep 9, 2022
ca7075e
removed session-related content
Sep 17, 2022
4fff311
fix typos + grammar
Oct 14, 2022
af20ddd
[WIP] Arc31
Jan 4, 2023
781a40e
arc31 rekeyed accounts
Jan 5, 2023
ea66bb4
minor typo
Jan 5, 2023
cb936e8
finalized arc-31
Jan 11, 2023
0da7597
ARC-0031: Reference Implementation
mrcointreau Jan 12, 2023
1ce6371
ref implementation details
deanstef Jan 12, 2023
5b9bbf6
readme disclamer ref impl
deanstef Jan 12, 2023
151f0fc
ref-impl readme requirements
deanstef Jan 12, 2023
ce6a80a
Remove ref-impl unnecessary package-lock.json files
mrcointreau Jan 12, 2023
33b301e
env vars in dockerfile + nit in api-v1
Jan 13, 2023
e207398
env examples
Jan 13, 2023
f3583e9
Merge pull request #1 from deanstef/reference-implementation
Jan 13, 2023
4fb50de
Merge branch 'algorandfoundation:main' into arc-0031
deanstef Jan 13, 2023
143b735
nit in multisig threshold
Jan 14, 2023
d2bf119
Replace myalgo-conect with @perawallet/connect
mrcointreau Feb 6, 2024
6978019
Merge branch 'algorandfoundation:main' into arc-0031
deanstef Feb 7, 2024
13d861e
Remove unused code
mrcointreau Feb 8, 2024
128b89f
Add api request body validation
mrcointreau Feb 8, 2024
c1a6c8d
Fix notifications icons and colors
mrcointreau Feb 8, 2024
51024c2
Refactor notification system
mrcointreau Feb 8, 2024
c6465fe
Merge pull request #2 from deanstef/feature/perawallet-connect
deanstef Feb 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
ref implementation details
  • Loading branch information
@deanstef
deanstef committed Jan 12, 2023
commit 1ce637167544807a2e498dfcaa936d77eaef057d
6 changes: 6 additions & 0 deletions ARCs/arc-0031.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -258,6 +258,12 @@ A digital signature generated with the secret key *SKa* of an Algorand account c

An attacker **MAY** attempt to cheat with the system by impersonating another User or Verifier. This is possible if the attacker can intercept the digital signature and use the same signature in a replay-attack or man-in-the-middle attack. To mitigate this scenario, the Verifier **MUST** generate a new message for each authentication request, and Wallets must always check the `auth-msg` domain field.

## Reference Implementation

The ARC-31 reference implementation is available in the `assets` directory of this repo `assets/arc-0031`. It provides an example of client-server authentication with ARC-31. The reference implementation uses [MyAlgoWallet](https://wallet.myalgo.com/) as the unique wallet (at the time of writing) providing the possibility of signing random bytes.

Reference implementation credits: [mrcointreau](https://github.com/mrcointreau)

## Copyright

Copyright and related rights waived via <a href="https://creativecommons.org/publicdomain/zero/1.0/">CCO</a>.