nervosnetwork / ckb-auth Goto Github PK
View Code? Open in Web Editor NEWThis project forked from cryptape/ckb-auth
A consolidated library featuring numerous blockchains authentication techniques on CKB-VM
License: MIT License
This project forked from cryptape/ckb-auth
A consolidated library featuring numerous blockchains authentication techniques on CKB-VM
License: MIT License
Thank you for your hard work. I have successfully tested the secp256r1 in the auth_libecc
library. However, there is a major issue with this library as it only allows messages of 32 bytes.
As per the Webauthn specification, specifically section 6.3.3, the data to be signed must have a minimum length of 69 bytes. Although the ECC signature (DSS) requires the data to be hashed with SHA256, libecc
automatically handles this hashing process. If I pass an SHA256 hash to auth_libecc
, it will perform two passes of SHA256 hashing, resulting in a verification failure.
The message length is a part of the ckb-auth interface. The simplest workaround I can think of is to allow users to skip the SHA256 hash in libecc
and pass the SHA256 hash directly.
message: 2b8b05e1f0303efb898fe4d6de601198c7a7b864abbe6a21c73b2e787e187c520500000000384894418ce002769e96ff7d6703fce9b5ba98b56aab181349eed402146a3e81
sha256(message): c64b87698d4442f7692ad82aaddcb4b7c345770ada374a09752489c28b118f24
signature: bedea43a55185f12b458ec3ec590986e8c798fe2636424b12855d21e94b187a874eb3704471863d915b6e2cae932ad60ddd2bd1302ebbd116fa1b3396461808d
pubkey: 3538dfd53ad93d2e0a6e7f470295dcd71057d825e1f87229e5afe2a906aa7cfc099fdfa04442dac33548b6988af8af58d2052529088f7b73ef00800f7fbcddb3
The message
is a 69-byte binary that needs to be signed. It consists of 37 bytes of authenticator data and a 32-byte client data hash.
I'm trying to make ckb-auth work with the signature created by JoyID, more background can be found in my post: How to Verify JoyID WebAuthn Signature
What would need to be done to have support for the Algorand Blockchain?
Hello Cryptape, iCKB here ๐
I'm exploring the possibility on developing on top of CKB-Auth, so I'm wondering:
I'm asking here since GitHub issues are SEO friendly and very likely in the future there will be other L1 developers wondering the same ๐
Keep up the Great Work,
Phroi
secp256r1.md refers to auth.md for more details, but auth.md has nothing about secp256r1
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.