ns-auth-sdk 1.2.5 → 1.2.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +14 -18
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -1,6 +1,18 @@
|
|
|
1
|
-
# NS Auth
|
|
1
|
+
# NS Auth SDK
|
|
2
|
+
|
|
3
|
+
Decentralized SSO - Authentication, membership, and profile management.
|
|
4
|
+
|
|
5
|
+
NSAuth enables client-side managing of private-keys with WebAuthn passkeys (FIDO2 credentials). By leveraging passkeys, users avoid traditional private‑key backups and password hassles, relying instead on biometric or device‑based authentication. The keys are compatible with common blockchains like Bitcoin and Ethereum and data is stored as events on public relays and can be encrypted.
|
|
6
|
+
|
|
7
|
+
Two Approaches
|
|
8
|
+
PRF Direct Method – Derive the private key directly from the PRF value produced by a passkey. Encryption Method – Encrypt an existing private key with a key derived from the passkey’s PRF output. WebAuthn PRF Extension The PRF (Pseudo‑Random Function) extension, part of WebAuthn Level 3, yields deterministic 32‑byte high‑entropy values from an authenticator’s internal private key and a supplied salt. The same credential ID and salt always generate the same PRF output, which never leaves the device except during authentication.
|
|
9
|
+
|
|
10
|
+
Using PRF Values as Private Keys
|
|
11
|
+
A 32‑byte PRF output can serve as a private key if it falls within the secp256k1 range (1 ≤ value < n). The chance of falling outside this range is astronomically low (~2⁻²²⁴), so explicit range checks are generally unnecessary.
|
|
12
|
+
|
|
13
|
+
Restoration Steps
|
|
14
|
+
Install the client on a new device. Fetch the latest kind 30100 event for the target public key. Extract the PWKBlob and decrypt it with the passkey’s PRF value. Use the recovered private key for signing. Multiple passkeys can each have their own PWKBlob, allowing redundancy across devices.
|
|
2
15
|
|
|
3
|
-
SSO library for NS Auth - Authentication, membership, and profile management compatible with applesauce.
|
|
4
16
|
|
|
5
17
|
## Installation
|
|
6
18
|
|
|
@@ -14,15 +26,6 @@ pnpm install ns-auth-sdk
|
|
|
14
26
|
yarn add ns-auth-sdk
|
|
15
27
|
```
|
|
16
28
|
|
|
17
|
-
## Peer Dependencies
|
|
18
|
-
|
|
19
|
-
This library requires the following peer dependencies:
|
|
20
|
-
|
|
21
|
-
- `react` ^18.0.0
|
|
22
|
-
- `react-dom` ^18.0.0
|
|
23
|
-
- `applesauce-core` ^5.0.0
|
|
24
|
-
- `nosskey-sdk` ^0.0.4
|
|
25
|
-
|
|
26
29
|
## Quick Start
|
|
27
30
|
|
|
28
31
|
### 1. Initialize Services
|
|
@@ -213,10 +216,3 @@ const relayService = new RelayService();
|
|
|
213
216
|
relayService.initialize(eventStore);
|
|
214
217
|
```
|
|
215
218
|
|
|
216
|
-
## TypeScript Support
|
|
217
|
-
|
|
218
|
-
This library is written in TypeScript and includes full type definitions.
|
|
219
|
-
|
|
220
|
-
## License
|
|
221
|
-
|
|
222
|
-
MIT
|
package/package.json
CHANGED