Simplifying Wallet Management with OAuth2.0, OpenID Connect, JWT, RSA Verification, and Account Abstraction
AuthWallet 2.5 revolutionizes the way users interact with Ethereum wallets by integrating OAuth2.0, OpenID Connect, JWT, and RSA verification. This user-friendly solution eliminates the need for complex private key management, making secure wallet interactions accessible to all users. With AuthWallet, users can send ETH by email, manage attestations, and execute cross-chain transactions with ease.
Usually, KMS servers act as intermediaries for social sign-ins, but AuthWallet 2.5 directly verifies the ID Token from the Identity Provider (IdP) within the smart contract, removing the need for an intermediary.
The application leverages Chainlink Functions and Chainlink Automation to securely fetch Google’s JSON Web Key Set (JWKS). These keys are used to verify JWTs signed by Google. The JWKS data is regularly updated to ensure the authenticity and integrity of the keys used in RSA signature verification for OAuth2.0 tokens.
Users authenticate via OAuth2.0 and OpenID Connect flows. Upon successful authentication, the user receives an ID Token containing key information, including an account abstraction user operation hash. This hash represents a cryptographic fingerprint of the user's intended transaction on the blockchain.
The ID Token generated during sign-in contains a JWT. A dedicated smart contract verifies the JWT using RSA signature verification against the modulus fetched from the JWKS oracle. This ensures that the JWT is authentic and has been signed by Google. The contract interacts with the Chainlink-powered JWKS oracle to retrieve and validate the appropriate RSA keys used for signature verification.
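The verification step described above, modelled in Python as an added example; it is not the project's contract code. The RSA key is a constructed toy key, the JWKS is passed as a plain dict mapping `kid` to `(n, e)`, and carrying the user operation hash in the `nonce` claim and checking `iss`/`aud` are assumptions.

```python
import base64, hashlib, json

# Constructed toy key built from two Mersenne primes: demo only, not secure.
E = 65537
P, Q = 2**521 - 1, 2**607 - 1
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64u(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64u_dec(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def emsa(msg, k):
    """EMSA-PKCS1-v1_5 encoding of SHA-256(msg), exactly k bytes long."""
    t = PREFIX + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def sign(claims, kid):
    """Stand-in for the IdP: issues an RS256 token with the toy key."""
    k = (N.bit_length() + 7) // 8
    head = b64u(json.dumps({"alg": "RS256", "kid": kid}).encode())
    body = b64u(json.dumps(claims).encode())
    sig = pow(int.from_bytes(emsa(f"{head}.{body}".encode(), k), "big"), D, N)
    return f"{head}.{body}.{b64u(sig.to_bytes(k, 'big'))}"

def verify(token, jwks, iss, aud, user_op_hash):
    """Checks a verifier makes before accepting the user operation."""
    if token.count(".") != 2:
        return False
    head, body, sig = token.split(".")
    header = json.loads(b64u_dec(head))
    if header.get("alg") != "RS256" or header.get("kid") not in jwks:
        return False                      # wrong algorithm or unknown/rotated key
    n, e = jwks[header["kid"]]            # modulus and exponent from the JWKS
    s = int.from_bytes(b64u_dec(sig), "big")
    k = (n.bit_length() + 7) // 8
    # Rebuild the whole padded block and compare it byte for byte, rather
    # than parsing the padding out of the decrypted signature.
    if s >= n or pow(s, e, n).to_bytes(k, "big") != emsa(f"{head}.{body}".encode(), k):
        return False
    c = json.loads(b64u_dec(body))
    # Assumption: the user operation hash travels in the `nonce` claim.
    return (c.get("iss"), c.get("aud"), c.get("nonce")) == (iss, aud, user_op_hash)
```

The final comparison is what binds the token to a single transaction: a validly signed token for one user operation hash is rejected when presented with any other.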
AuthWallet 2.5 is fully compatible with EIP-1193: Ethereum Provider JavaScript API. It also supports modern Ethereum libraries like viem and wagmi, making it easy to integrate with decentralized applications (dApps). In this demo, we utilize RainbowKit to simplify the connection of AuthWallet 2.5 to the Ethereum network.
With AuthWallet 2.5, users do not need to have an existing wallet address to get started. This eliminates the barrier of requiring a wallet setup before onboarding, making it easier for new users to engage with the Ethereum ecosystem.
This implementation is heavily inspired by the referenced article and has been adapted to align with ERC4337 account abstraction principles.