In this guide, you will learn how you can onboard dApp users easily by enabling one or more authentication mechanisms supported by the Arcana Auth SDK.
Arcana Network's mission is to empower every user to login and authenticate into Web3 applications seamlessly with the familiarity and simplicity of Web2 login experience while ensuring secure access. Web3 requires extra effort in managing and securing blockchain keys for signing/approving transactions.
In the web3 ecosystem, a dApp user can establish a uniquely identifiable 1:1 connection to the blockchain using secrets called keys. These are private keys and not supposed to be shared. All user assets backed on blockchain are linked to this private key and its loss means loss of blockchain assets owned by the user. Crypto Wallets are an abstraction for keeping private keys secure. The Arcana Wallet is similar in functionality to a typical Crypto wallet that stores private keys. It is meant to keep crypto assets safe and accessible.
Arcana Wallet allows you to securely store the keys assigned to a user and manages the private key associated with each dApp user. This key is generated using Arcana distributed key generator or DKG.
Wallet is a much more secure mechanism as it never exposes the private key associated with each dApp end user. Instead, it works with the standard Ethereum Provider interface. Internally, it uses a distributed private key that is abstracted as an Ethereum provider and also associated with user's social OAuth or a public Wallet.
Typical Crypto wallets also allow users to send, receive, and spend cryptocurrencies like Bitcoin and Ethereum. At present, Arcana Wallet stores users private keys and does not yet enable transaction for XARs or Arcana Network tokens.
Arcana Wallet uses distributed key generated and backed by robust cryptographic primitives. This user key is never exposed to dApp or anyone. Wallet uses standard Ethereum provider interface for signing blockchain transactions.
Arcana Network also allows 3rd party wallets or dApp user's to bring their own keys for signing storage operations. Working with user keys directly is not recommended as user keys are visible to the dApp and a security risk.
Setup Auth SDK
To begin using Arcana Auth SDK, you need to first set it up and install it using npm, yarn or the CDN option.
npm install --save @arcana/auth
yarn add @arcana/auth
Using Auth SDK
To use the Arcana Auth SDK, a typical usage flow comprises of two steps:
Step 1: Register & Configure
First, register and configure your dApp. As part of registration, each dApp is assigned a unique appID. As part of dApp configuration, you will be required to specify details related to Arcana SDK usage and how you wish to tailor your user onboarding and blockchain transaction signing/approval experience for your dApp users. To register and configure your dApp, use Arcana Developer Dashboard:
Step 2: Initialize Auth SDK
Integrate your dApp with Arcana Auth SDK and initialize it before using any SDK functions. As part of initialization, you need to specify the unique appID assigned to your dApp.
That is all 🎉
Your dApp is now integrated with Auth SDK and you can invoke various SDK functions for triggering social OAuth, password-less login, and other supported Auth SDK functions.
You may be required to provide additional configuration inputs while setting up your dApp using the developer dashboard. These configuration settings depend upon whether you wish to enable one or more authentication mechanisms for dApp user onboarding and the kind of blockchain transaction signing experience.
For example, if you wish to enable Google login for dApp users, you will be required to create a Google OAuth 2.0 credential for your dApp. Google will assign a ClientID to your dApp. You need to specify this Google assigned ClientID in the Arcana Developer Dashboard as part of enabling Google authentication for your dApp user onboarding.
Auth SDK Usage Examples
Here are some examples of how developers can leverage Arcana Auth SDK for user onboarding, enabling user data privacy and manage user experience for signing blockchain transactions.
Onboard Users through Passwordless Login
To enable passwordless login in your dApp, you need to follow the two steps listed above. First register and configure dApp and then integrate with Auth SDK and initialize with your appID.
For detailed instructions regarding what to configure on the dashboard and how to initialize the Auth SDK to enable passwordless login, see how to onboard dApp users by enabling passwordless login?
Onboard Users through Google authentication
To enable Google authentication in your dApp, you need to follow the two steps listed above. First register and configure dApp and then integrate with Auth SDK and initialize with your appID.
For detailed instructions regarding what to configure on the dashboard and how to initialize the Auth SDK to enable Google authentication, see how to onboard dApp users by enabling Google authentication?
You can choose multiple providers and authentication mechanisms to enable dApp user onboarding. Users have the flexibility to choose the mechanism for logging into your dApp. Make sure you provide all necessary configuration details for each selected authentication mechanism via the dashboard.
Arcana supports aggregate login feature that can identify dApp users even if they use different authentication mechanisms to log into your dApp. This ensures there are no duplicate user identities or blockchain wallet addresses for the same user. This feature works only if user has used the same email ID to register with different social authentication providers.
Manage User Experience for Signing Blockchain Transactions
Arcana Auth SDK supports different wallet modes that govern the dApp user transaction signing experience.
Developers can configure dApp using Arcana dashboard for the requisite experience during blockchain transaction signing process for file access storage operations. In addition to dashboard configuration, they must also specify the correct
appMode parameter value while initializing the Auth SDK.
For detailed instructions on how to configure various wallet modes, see how to configure wallet modes?
Enable User Data Privacy
Beyond user onboarding, if you wish to enable data privacy for all dApp user data, you can choose to integrate with Arcana Storage SDK and utilize its data privacy and data access control features. See Storage SDK Quick Start Guide for more details.
Developers can choose to not use Arcana Storage SDK for enabling user data privacy. Instead, they could simply integrate with Auth SDK, enable user authentication and once users are authenticated, developers can use data encryption helper functions from the Auth SDK to encrypt user Data. This requires developers to provide a public key for encrypting user data. The onus of managing the public and private keys for encryption is on the application developer. However, if they choose Storage SDK for user data privacy, all the complex key management is handled seamlessly by the Auth SDK. Developers can simply use the standard Ethereum provider interface from the Auth SDK and use it to perform secure and privacy preserving storage operations through Arcana Storage SDK.
Check out code samples and tutorial to integrate your dApp with Arcana Network SDKs and enable social, passwordless authentication in a dApp and store, access dApp user data in a secure and privacy preserving manner.