Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Using Random UserUUID as password could be risky !! #1

Open
virajpatva opened this issue Oct 17, 2023 · 3 comments
Open

Using Random UserUUID as password could be risky !! #1

virajpatva opened this issue Oct 17, 2023 · 3 comments

Comments

@virajpatva
Copy link

As I was exploring Biometric login for generation of smart wallet , I found you implementation for login in with webauthn very simple but I felt there is room for improvment in generating password !
You can join in the conversation :
https://discord.com/channels/834227967404146718/1161644808327139408

@playerx
Copy link
Member

playerx commented Feb 22, 2024

Thank you for the comment, the link you shared doesn't work for me. If you can share more information here would be great, thanks!

@virajpatva
Copy link
Author

The discord conversation didn't go well ahead!!

I just want to point using a randomly generated UUID with webauthn metadata and exporting it to decrypt the IPFS Private Key is bit risky. Can we adopt methodolgy such as our Webauthn PrivateKey can decrypt PrivateKey from IPFS , or any better approach

@playerx
Copy link
Member

playerx commented Feb 23, 2024

Ah gotcha!

We’ve already updated that logic. We use webauthn as you mentioned and verification is done on-chain 👌🏻

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants