We leverage Secure Payment Confirmation (SPC) to allow dapps to instantly create & operate PORTABLE passkey wallets for their users without any hassle. No app switching, no extensions & no wallet lock-in.
Prize Pool
SPC allows users to create a passkey wallet on any dapp, use it on any other dapp & still have it managed by their wallet provider of choice. No extensions, no app switches, everything takes place on dapp website.
SPC is a browser native API that is designed to streamline payments on the web. It's purpose is to improve the UX for authenticating users across merchants (in web3 think dApps) whilst verifying cryptographically that the user can pay for a transaction with their payment provider (for web2 think bank & web3 think wallet).
The protocol is built on-top of webauthn in order to provide the cryptographic proof that the user indeed is the one that initiated the transaction.
In a normal SPC flow, a user wants to buy some goods from a merchant, they enter their card number & the merchant then initiates a passkey/webauthn ceremony with the users bank. SPC allows the merchant to leverage the banks passkey infra to validate the user is asking to (& is able to) pay for the goods.
The main advantage of SPC over normal passkey accounts is that the credentials can be created cross-origin, meaning that although the passkey is scoped to your wallet provider it is available to use on ANY other site.
By enabling dapps to make requests to wallet providers directly, we remove the need for a user to install a wallet - instead any dapp can request a signature from any wallet provider, directly on the dapp site (via an iframe, or embed)
This means dapps can create new users a passkey wallet when they first interact with crypto, without ever having to download a wallet.
For dapps this means they can request a passkey signature in an iframe, rather than relying on some other wallet.
Our demo:
Safe ERC4337 Module: We have adapted the demo Safe 4337 module to allow us to deploy an account controlled directly by a passkey created on a dapp. We use Pimlico for formatting the userop, bundling transactions, and gas estimations. Some notible changes to other safe 4337 modules include: