Last week at Dappcon, Fission demoed the newest feature for Webnative SDK - WalletAuth. WalletAuth makes it possible for users to connect to Webnative-enabled apps using only their blockchain address to manage their files.
Why a Blockchain Address?
Blockchain accounts (or public wallet addresses) are how users interact with Web3. They are on-chain identities.
Fission's Webnative SDK already provides key management for passwordless logins using the WebCrypto API built into browsers, but this is not something users are used to. The adoption of blockchain accounts means there are something like 50M users with existing public / private keys.
WalletAuth enables users to login using their regular blockchain account - no username, password, or email required. Then, WalletAuth adds a secure, encrypted file system: users can upload public and private files to IPFS via the app.
Furthermore, the data is linked to the user's wallet, not stored in the app itself, so it can't be lost. The user maintains access to those files as long as they have access to their Ethereum keys. For developers, this means being able to increase the usability of their app, without having to run a central file storage or server interface: every user brings their own files, much like a mobile app requesting access to your phone photos.
Encryption at CASA
The proof of concept for WalletAuth uses the MetaMask Encrypt / Decrypt function, but this is being deprecated due to issues using the same keys for signing and encryption. We had great discussions with the MetaMask and WalletConnect teams, and have put in a placeholder issue to work on an encryption/decryption approach that should work across wallet clients and across blockchains.
WalletAuth in Action
If you'd like to see WalletAuth in action, we invite you to test our demo and share your feedback with us. Currently WalletAuth supports Ethereum main-net and EVM-powered chains, but we have plans to roll out support for Cosmos and Filecoin in the future.