AuthWallet 2.5
Simplifying Wallet Management with OAuth2.0, OpenID Connect, JWT, and RSA Verification and Account Abstraction
AuthWallet 2.5
Created At
Winner of
Sign Everything Pool Prize
🏆 ETHOnline 2024 Finalist
Project Description
AuthWallet 2.5 revolutionizes the way users interact with Ethereum wallets by integrating OAuth2.0, OpenID Connect, JWT, and RSA verification. This user-friendly solution eliminates the need for complex private key management, making secure wallet interactions accessible to all users. With AuthWallet, users can send ETH by email, manage attestations, and execute cross-chain transactions with ease.
How it's Made
Usually, KMS servers act as intermediaries for social sign-ins, but AuthWallet 2.5 directly verifies the ID Token from the Identity Provider (IdP) within the smart contract, removing the need for an intermediary.
Google JWKS Data Retrieval:
The application leverages Chainlink Functions and Chainlink Automation to securely fetch Google’s JSON Web Key Set (JWKS). These keys are used to verify JWTs signed by Google. The JWKS data is regularly updated to ensure the authenticity and integrity of the keys used in RSA signature verification for OAuth2.0 tokens.
OAuth2.0 & OpenID Connect for User Sign-In:
Users authenticate via OAuth2.0 and OpenID Connect flows. Upon successful authentication, the user receives an ID Token containing key information, including an account abstraction user operation hash. This hash represents a cryptographic fingerprint of the user's intended transaction on the blockchain.
Smart Contract JWT Verification:
The ID Token generated during sign-in contains a JWT. A dedicated smart contract verifies the JWT using RSA signature verification against the modulus fetched from the JWKS oracle. This ensures that the JWT is authentic and has been signed by Google. The contract interacts with the Chainlink-powered JWKS oracle to retrieve and validate the appropriate RSA keys used for signature verification.
EIP-1193 Compatibility:
The AuthWallet 2.5 is fully compatible with EIP-1193: Ethereum Provider JavaScript API. It also supports modern Ethereum libraries like viem and wagmi, making it easy to integrate with decentralized applications (dApps). In this demo, we utilize RainbowKit to simplify the connection of AuthWallet 2.5 to the Ethereum network.
Benefit
With AuthWallet 2.5, users do not need to have an existing wallet address to get started. This eliminates the barrier of requiring a wallet setup before onboarding, making it easier for new users to engage with the Ethereum ecosystem.
Inspiration
This implementation is heavily inspired by the referenced article and has been adapted to align with ERC4337 account abstraction principles.
