Web3 Authentication
Web3 authentication is complex. Users need private keys for blockchain interactions. Managing keys is hard, and there is no central authority for recovery if a key is lost. Web3 wallets are a new concept and burdensome for Web2 users. This challenges onboarding compared to Web2 apps.
The Arcana Auth SDK simplifies Web3 onboarding, letting users sign transactions securely without complex key management.
Authentication Mechanisms
Web3 app developers can easily authenticate users by integrating with the Arcana Auth SDK. They can choose to use the built-in plug-and-play login UI or use a custom login UI to onboard app users. One or more authentication mechanisms can be enabled by using the Arcana Developer Dashboard. Only the configured authentication mechanisms are displayed in the login UI.
The following authentication mechanisms are supported:
Passwordless Login
Passwordless login is enabled by default for all apps that integrate with the Arcana Auth SDK. There is no way to disable it when using the built-in, plug and play login UI.
Associating Web3 Keys with Authenticated Users
The Arcana Auth SDK works with the asynchronous distributed key generation subsystem in the Arcana Auth product. It ensures that an authenticated user's social identifier is mapped to the public key at the very first successful login after verifying the JWT token returned by the authentication provider. For every successive login to the app, this mapping is used to return the correct key shares to the authenticated user. User's private key is generated using a subset of key shares on the client side in a secure manner. For additional security, app users can use MFA that adds additional factor for local key generation. For details, see user key privacy and MFA.