Skip to content
This repository has been archived by the owner on Nov 25, 2024. It is now read-only.

Precompile: WebAuthn verification #87

Open
Rjected opened this issue Jul 11, 2024 · 0 comments
Open

Precompile: WebAuthn verification #87

Rjected opened this issue Jul 11, 2024 · 0 comments
Labels
A-precompile Related to an alphanet precompile C-enhancement New feature or request

Comments

@Rjected
Copy link
Member

Rjected commented Jul 11, 2024

We should make a precompile for WebAuthn, so that passkey verification (or verification of other webauthn compatible credentials) is cheap and easy.

This library seems to be the standard for WebAuthn usage in solidity:
https://github.com/base-org/webauthn-sol

And has a simple ABI that we can probably re-use, and should be easy to parse:

struct WebAuthnAuth {
    /// @dev https://www.w3.org/TR/webauthn-2/#dom-authenticatorassertionresponse-authenticatordata
    bytes authenticatorData;
    /// @dev https://www.w3.org/TR/webauthn-2/#dom-authenticatorresponse-clientdatajson
    string clientDataJSON;
    /// The index at which "challenge":"..." occurs in clientDataJSON
    uint256 challengeIndex;
    /// The index at which "type":"..." occurs in clientDataJSON
    uint256 typeIndex;
    /// @dev The r value of secp256r1 signature
    uint256 r;
    /// @dev The s value of secp256r1 signature
    uint256 s;
}

function verify(
    bytes memory challenge,
    bool requireUserVerification,
    WebAuthnAuth memory webAuthnAuth,
    uint256 x,
    uint256 y
) internal view returns (bool) 

This library looks promising for the implementation:
https://github.com/1Password/passkey-rs

The solidity library references WebAuthn level 2 docs, and the library supports level 3. The level 3 "authenticator assertion response" (authenticatorData) fields seem to be backward compatible, with the new level 3 flags bits taking up the "reserved for future use" range from level 2.

authenticatorData level 2: https://www.w3.org/TR/webauthn-2/#authenticator-data
authenticatorData level 3: https://www.w3.org/TR/webauthn-3/#authenticator-data

The clientDataJSON field looks like it is unchanged between level 2 and level 3.

The docs from the library make it slightly more clear what we would need to implement:
https://github.com/base-org/webauthn-sol/blob/619f20ab0f074fef41066ee4ab24849a913263b2/src/WebAuthn.sol#L59-L96

The level 2 verification procedure spec: https://www.w3.org/TR/webauthn-2/#sctn-verifying-assertion
The level 3 verification procedure spec: https://www.w3.org/TR/webauthn-3/#sctn-verifying-assertion

I'm not sure yet which specific methods / structs expose the verification procedure, possibly the Authenticator, but this needs to be checked against the solidity library.

@Rjected Rjected added C-enhancement New feature or request A-precompile Related to an alphanet precompile labels Jul 11, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
A-precompile Related to an alphanet precompile C-enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

1 participant