Desmos single-sign-on process

[RiccardoM]

As of today, most users access their social networks accounts using different platforms like web and mobile apps. In the world of centralized social networks, users are able to log into different versions of the same app (eg. Facebook web and Facebook mobile) thanks to the fact that the username and password are always the same.

However, inside Desmos this is not easily possible. Suppose we have an application that has both web and mobile versions. In this case, the developers would have to develop their own web + mobile wallets and require the user to input their mnemonic phrase inside each one of them. While this is surely doable, it is a burden towards the user and also a possible security problem if any of such wallets is breached.

For this reason, what I think we should create is an application (Desmos Account Manager) that allows the user to manage their profile properly as well as to log into other applications that might want to perform actions on the user behalf.

Such system would act as follows:

1. The user scans a QR code which contains a series of permissions requests.
2. The user accepts the requests by performing a transaction inside Desmos granting those permissions to the application.
3. The application performs the proper transactions on the user behalf.

Here is the complete flow:

This will be possible thanks to the introduction of the new x/authz Cosmos module. With this module anyone will be able to perform a new kind of transaction named MsgGrant granting to another user the permission of performing particular actions on their behalf.

Pros

• The user does not have to input their mnemonic inside different applications, and their private keys will never exit the device
• Applications will not have to create a wallet to store the user keys
• The user will be able to manage their profile and the granted permissions from a single application

Cons

• If an application is malicious, it might perform unwanted actions on the user behalf.
  This however can be blocked immediately by performing a MsgRevoke transaction.

---

Please @bragaz @kwunyeung @dadamu let me know what you think.

[kwunyeung]

I'm studying the x/authz module recently as well. If this works, it opens a lot of use cases of Desmos. And it solves the subkeys issue I mentioned before. The MsgGrant is actually doing similar mechanism as Session in x/Magpie we have done before. The key being authorized can still be a key stored inside an application like how we demonstrated with Big Dipper which a Ledger authorized a key hosted on the web browser to post messages on behalf of the Ledger.

We can't control if a user uses a malicious app. The mechanism itself has no problem but a crypto user should take their responsibility on choosing applications that would act on behalf of it.

[leobragaz]

This replace the subkeys contract as well and extend it to every possible operation basically. Very exciting!
Talking about the SSO as a user I would feel better knowing that I don't have to prompt my mnemonic each time I have to log somewhere and in the other hand as a dev I would be relieved to not have to think about managing all those keys.
I think that to tamper the cons an app like the desmos account manager could also implement something as a revoke all auths.
I might like exploring this module 👀