This repository was archived by the owner on Nov 25, 2024. It is now read-only.

Precompile: WebAuthn verification #87

@Rjected

We should make a precompile for WebAuthn, so that passkey verification (or verification of other WebAuthn-compatible credentials) is cheap and easy.

This library seems to be the standard for WebAuthn usage in Solidity:
https://github.com/base-org/webauthn-sol

And has a simple ABI that we can probably re-use, and should be easy to parse:

```solidity
struct WebAuthnAuth {
    /// @dev https://www.w3.org/TR/webauthn-2/#dom-authenticatorassertionresponse-authenticatordata
    bytes authenticatorData;
    /// @dev https://www.w3.org/TR/webauthn-2/#dom-authenticatorresponse-clientdatajson
    string clientDataJSON;
    /// The index at which "challenge":"..." occurs in clientDataJSON
    uint256 challengeIndex;
    /// The index at which "type":"..." occurs in clientDataJSON
    uint256 typeIndex;
    /// @dev The r value of secp256r1 signature
    uint256 r;
    /// @dev The s value of secp256r1 signature
    uint256 s;
}

function verify(
    bytes memory challenge,
    bool requireUserVerification,
    WebAuthnAuth memory webAuthnAuth,
    uint256 x,
    uint256 y
) internal view returns (bool)
```

This library looks promising for the implementation:
https://github.com/1Password/passkey-rs

The Solidity library references WebAuthn level 2 docs, and the library supports level 3. The level 3 "authenticator assertion response" (authenticatorData) fields seem to be backward compatible, with the new level 3 flag bits taking up the "reserved for future use" range from level 2.

authenticatorData level 2: https://www.w3.org/TR/webauthn-2/#authenticator-data
authenticatorData level 3: https://www.w3.org/TR/webauthn-3/#authenticator-data

The clientDataJSON field looks like it is unchanged between level 2 and level 3.

The docs from the library make it slightly more clear what we would need to implement:
https://github.com/base-org/webauthn-sol/blob/619f20ab0f074fef41066ee4ab24849a913263b2/src/WebAuthn.sol#L59-L96

The level 2 verification procedure spec: https://www.w3.org/TR/webauthn-2/#sctn-verifying-assertion
The level 3 verification procedure spec: https://www.w3.org/TR/webauthn-3/#sctn-verifying-assertion

I'm not sure yet which specific methods / structs expose the verification procedure, possibly the Authenticator, but this needs to be checked against the Solidity library.
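
An added example, not part of the issue and not code from alphanet, webauthn-sol or passkey-rs: a std-only Rust sketch of the checks a verifier with the ABI above would run before the secp256r1 signature check, namely the flags byte of authenticatorData and the index-anchored `"type"` and `"challenge"` fields of clientDataJSON. The function names and sample values are assumptions, the expected type string `webauthn.get` comes from the WebAuthn assertion verification procedure, and signature verification itself is out of scope.

```rust
// Added sketch; not code from alphanet, webauthn-sol or passkey-rs.
const FLAG_UP: u8 = 0x01; // bit 0: user present
const FLAG_UV: u8 = 0x04; // bit 2: user verified
const FLAG_BE: u8 = 0x08; // bit 3: backup eligibility (level 3, reserved in level 2)
const FLAG_BS: u8 = 0x10; // bit 4: backup state (level 3, reserved in level 2)

/// Unpadded base64url, the encoding clientDataJSON uses for the challenge.
fn base64url(data: &[u8]) -> String {
    const T: &[u8; 64] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
    let mut out = String::new();
    for chunk in data.chunks(3) {
        // Left-align the 1..=3 input bytes in a 24-bit group.
        let n = chunk.iter().fold(0u32, |acc, &b| (acc << 8) | b as u32) << (8 * (3 - chunk.len()));
        for i in 0..=chunk.len() {
            out.push(T[((n >> (18 - 6 * i)) & 63) as usize] as char);
        }
    }
    out
}

/// True when `expected` occurs in `json` at exactly byte offset `index`.
fn has_at(json: &str, index: usize, expected: &str) -> bool {
    json.as_bytes().get(index..).map_or(false, |rest| rest.starts_with(expected.as_bytes()))
}

/// Level 3 backup flags (BE, BS); a level 2 reader treats these bits as reserved.
fn backup_flags(flags: u8) -> (bool, bool) {
    ((flags & FLAG_BE) != 0, (flags & FLAG_BS) != 0)
}

/// Checks that precede signature verification; the secp256r1 check is not done here.
fn precheck(challenge: &[u8], require_uv: bool, auth_data: &[u8],
            client_data_json: &str, challenge_index: usize, type_index: usize) -> bool {
    // rpIdHash (32 bytes) + flags (1) + signCount (4) is the minimum length.
    if auth_data.len() < 37 { return false; }
    let flags = auth_data[32];
    if (flags & FLAG_UP) == 0 || (require_uv && (flags & FLAG_UV) == 0) { return false; }
    let expected = format!("\"challenge\":\"{}\"", base64url(challenge));
    has_at(client_data_json, type_index, "\"type\":\"webauthn.get\"")
        && has_at(client_data_json, challenge_index, &expected)
}

fn main() {
    // Constructed sample: zeroed rpIdHash, flags UP|UV|BE|BS, signCount 0.
    let mut auth_data = vec![0u8; 37];
    auth_data[32] = 0x1D;
    let json = r#"{"type":"webauthn.get","challenge":"aGVsbG8","origin":"https://example.com"}"#;
    println!("{}", precheck(b"hello", true, &auth_data, json, 23, 1));
}
```

The expected challenge string includes the closing quote, so a challenge that is only a prefix of the one in clientDataJSON does not match.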

Labels: A-precompile (Related to an alphanet precompile), C-enhancement (New feature or request)
