Authentication

Crypto-authentication is made easy with our services.

The general workflow for authentication with a crypto wallet is as follows:

  1. Request a one-time-use nonce from our API
  2. Make the user sign a specially formatted message
  3. Send the signed message, together with its content, back to our API for validation

You can integrate at either of two security levels. The less secure method has less integration overhead.

Fast Method


Let's break down the process:

  1. Your frontend, with the help of drengr-connect, requests a nonce directly from our API
  2. The user is then prompted by their wallet to sign a message. The message with its signature is sent back to your backend
  3. Your backend transmits the message with its signature to our API for verification
  4. The verification result is sent to your backend. You can then continue with your own authentication process (e.g. adding the address to a database)

Security considerations

❗️

It is absolutely important that your backend performs a check before sending the signed message to our API: the domain or URI contained in the signed message must correspond to your domain or your connection URI. If it does not correspond, you MUST reject the authentication request immediately.

Skipping this check makes you vulnerable to a phishing attack: an attacker could harvest the user's signature on another website and then connect to your website using that signed message.

Even with the check, this method still leaves room for phishing. It is up to the user to notice that they are being asked, on maliciousdomain.com, to sign a message that names yourdomain.com.

Secure method


Let's break down the process:

  1. Your frontend, on user interaction, initiates the authentication process and sends along the user's address
  2. Your backend asks our API for a nonce associated with this address. You should persist the association between this nonce and the address
  3. The nonce is transmitted to the frontend
  4. The user is then prompted by their wallet to sign a message. The message with its signature is sent back to your backend
  5. Your backend transmits the message with its signature to our API for verification. Before doing so, you MUST check that the nonce corresponds to the nonce you transmitted earlier in the process
  6. The verification result is sent to your backend. You can then continue with your own authentication process (e.g. adding the address to a database)

❗️

Security check

If the signed message your backend receives from your frontend carries a different nonce or domain than expected, you must cancel the authentication process.
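The backend pre-check that both the fast-method domain rule and the secure-method nonce rule above require, as an added example that is not drengr's own code. It assumes a SIWE-style message made of `key: value` lines (`address`, `domain`, `uri`, `nonce`); the real drengr-connect message format may differ, so `parseMessage()` is the part to adapt.

```javascript
// Added example (not drengr's code): backend-side check run BEFORE a signed
// message is forwarded to the verification API.
// ASSUMPTION: the signed message is SIWE-style text with "key: value" lines.

// Parse "address: ...", "domain: ...", "uri: ...", "nonce: ..." lines into an object;
// any line that is not a "key: value" pair (e.g. the human-readable statement) is ignored.
function parseMessage(text) {
  const fields = {};
  for (const line of text.split("\n")) {
    const m = line.match(/^\s*([A-Za-z]+)\s*:\s*(.+?)\s*$/);
    if (m) fields[m[1].toLowerCase()] = m[2];
  }
  return fields;
}

// Secure-method check (steps 2 and 5 on the page). nonceStore is the association the
// backend saved when it requested the nonce: Map<nonce, address>. Returns {ok, reason}.
// A nonce is consumed on its first use so a captured message cannot be replayed.
function precheckSignedMessage(text, expectedDomain, expectedUri, nonceStore) {
  const f = parseMessage(text);
  // Fast-method rule: domain/URI must be ours, otherwise reject (phishing harvest).
  if (f.domain !== expectedDomain) return { ok: false, reason: "domain mismatch" };
  if (f.uri !== expectedUri) return { ok: false, reason: "uri mismatch" };
  // Secure-method rule: nonce must be one we issued and not yet used.
  if (!f.nonce || !nonceStore.has(f.nonce)) return { ok: false, reason: "unknown or used nonce" };
  // The nonce was issued for one address; the message must name that same address.
  if (nonceStore.get(f.nonce).toLowerCase() !== (f.address || "").toLowerCase())
    return { ok: false, reason: "nonce issued for a different address" };
  nonceStore.delete(f.nonce); // one-time use
  return { ok: true, reason: "forward to verification API" };
}

// Constructed sample values (placeholder address and nonces, not real ones).
const ADDR = "0x0000000000000000000000000000000000001234";
const OTHER = "0x0000000000000000000000000000000000005678";
const DOMAIN = "yourdomain.com";
const URI = "https://yourdomain.com/login";
const GOOD = `${DOMAIN} wants you to sign in with your account\naddress: ${ADDR}\ndomain: ${DOMAIN}\nuri: ${URI}\nnonce: n-111`;
const PHISHED = GOOD.replace(`domain: ${DOMAIN}`, "domain: maliciousdomain.com");
const WRONG_OWNER = GOOD.replace("nonce: n-111", "nonce: n-222"); // n-222 was issued to OTHER

// Fresh store as the backend would have it after issuing the two nonces.
function freshStore() { return new Map([["n-111", ADDR], ["n-222", OTHER]]); }
```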