ENS-Auth

By minting and wrapping a subdomain called 'groups' on your ENS domain and sending it to the ensauth contract you can onboard your ens domain to a group management system. Afterwards, ENS can be used for all your identity and access management needs. The whole process can be comfortably managed through our webapp.

We currently support group and user creation, assignment and deletion. The groups and group memberships are made visible on the ens subdomain as records. Especially for organisations with multiple mostly independent contracts - possibly on different chains -, group resolvers can unify identity and access management to make user onboarding and offboarding easier as well as more transparent.

The solution consists of a smart contract and a frontend.

Smart Contract Application Registration The Smart Contract implements the IERC1155Receiverinterface. When the contract receives a wrapped ens 'groups' subdomain, it will register the subdomain as an application and set itself as the resolver for the subdomain.

Role Management After the application is registered, arbitrary roles can be added to the application. The roles of an application are visible as an ENS text record. When roles are added or removed a 'TextChanged' event is emitted and the text record updated. This is achieved by implementing the ITextResolver Interface

User Management When roles are available, users can be added to and removed from the created roles. Similar to the roles, users role assignments are reflected on ENS as text records.

Frontend Frameworks The application is based on Next JS and uses ConnectKit to interface with wallets such as MetaMask. Transactions and calls are made through Alchemy RPC.

To improve the user experience, components from ENS' Thorin design system are reused. Layout is based on Bulma.

ENS for provision of permissions The frontend relies heavily on ENS standards to verify ownership of domains (and by extension apps) and to simplify user management. For example, administrators can enter ENS names instead of addresses to manage group memberships. Most read operations regarding group memberships are also done with ENS as group information is exposed with text records.

To that end, we make use of the latest version of @ensdomains/ensjs and Viem.

ENS as directory service Albeit it is only implemented partially, the frontend also demonstrates ENS potential as fully fledged directory service. Here, roles and groups are displayed alongside personal information taken from text records. This information is available to any app that choses to use the same groups.

Subdomain transfer for delegation One interesting idea here is the transfer of a wrapped subdomain to delegate functionality to a different contract. This could also be used in other areas where smart contracts offer specialised functions.