Skip to content

Commit

Permalink
Hedgehog
Browse files Browse the repository at this point in the history
  • Loading branch information
@dmanjunath
dmanjunath committed May 30, 2019
0 parents commit bdde736
Show file tree
Hide file tree
Showing 20 changed files with 37,868 additions and 0 deletions.
25 changes: 25 additions & 0 deletions .circleci/config.yml
@@ -0,0 +1,25 @@
# Javascript Node CircleCI 2.0 configuration file
#
# Check https://circleci.com/docs/2.0/language-javascript/ for more details
#
version: 2
jobs:
build:
docker:
# specify the version you desire here
- image: circleci/node:10.15.3

working_directory: ~/audius-hedgehog

steps:
- checkout
- run: npm install
- run:
name: run tests
command: npm run test

workflows:
version: 2
build_pr:
jobs:
- build
9 changes: 9 additions & 0 deletions .gitignore
@@ -0,0 +1,9 @@
config.json
node_modules/
*.swp
*.swo
*.swn
.DS_Store*
test.js
local-storage/
.nyc_output/
81 changes: 81 additions & 0 deletions README.md
@@ -0,0 +1,81 @@
<br />
<br />

<p align="center">
<img src="https://user-images.githubusercontent.com/2731362/58195666-5cba9a00-7c7d-11e9-8409-5aa34b780ea2.png" width="240" />
</p>

<br />
<br />

**Hedgehog** is alternative to Metamask that manages a user's private key and wallet on the browser. It exposes a simple API to allow you to create an authentication scheme to let users sign up and login to their wallet across multiple browsers and devices. [hedgehog.audius.co](https://audius.co/hedgehog).

With Hedgehog:

* 馃槏 Users can make accounts in your DApp with a username + password.
* 馃槺 Users don't have to worry about private keys, no mnemonics.
* 馃攺 You can build systems that fund users' wallets, sign transactions, but never control those wallets directly.
* 馃寚 You can focus on building your business logic, rather than managing wallets.

[![npm version](https://badge.fury.io/js/angular.svg)](https://badge.fury.io/js/angular) [![CircleCI](https://circleci.com/gh/AudiusProject/hedgehog.svg?style=svg&circle-token=dc1943e26d04e05beca719fb45baaab93fe04bce)](https://circleci.com/gh/AudiusProject/audius-hedgehog)

## Installation

```
npm i --save @audius/hedgehog
```

## Docs && Examples

Check out our full technical [docs](http://audius.github.io/hedgehog-docs) and [api how-to](http://audius.github.io/hedgehog-docs#how-to).

For a quick browser-side demo, [look no further](https://codesandbox.io/embed/pp9zzv2n00). For a full end-to-end auth demonstration, see our [demo repo](https://github.com/AudiusProject/audius-hedgehog-demo).

## Why Use This?

### Not All Transactions Are Created Equal
Currently available wallets treat every transaction as if it were moving around your life鈥檚 savings. Hedgehog was built for use-cases involving low-to-no financial value.

**NOTE**: The primary improvement to end-user experience is by hiding wallet complexity and not forcing users to constantly confirm transactions - The opposite of what you鈥檇 want when moving significant money around.

### Is Hedgehog Right for your DApp?
Hedgehog isn鈥檛 right for every DApp. Massive improvements in user experience are only possible through tradeoffs. As a general rule Hedgehog should not be used for apps involving significant sums of money. As a bridge, one could start users on Hedgehog and suggest migrating to a more secure wallet if their stored value increases beyond a certain threshold; the Hedgehog paradigm is interoperable with existing web3 providers too.

*[Good use cases]*

* **Signing data**: If you鈥檙e building decentralized applications that rely on user signed data (eg. via EIP-712-esque signing schemes), Hedgehog could help simplify the experience if the stakes are low enough.
* **Gaming DApp**: Nothing ruins fun as much as signing transactions. If you鈥檙e building a gaming DApp that doesn鈥檛 use significant financial assets, improving UX is key.
* **Decentralized Music Player**: If you鈥檙e building consumer-facing DApps, Hedgehog will dramatically improve user experience and significantly increase your potential userbase.

*[Bad use cases]*

If your DApp involves moving around significant sums of money, then the tradeoff in security is most likely not worth it. Hedgehog鈥檚 primary improvement to end-user experience is by hiding the wallet and not forcing users to confirm transactions - The opposite of what you鈥檇 want when moving money around. We absolutely don鈥檛 recommend using Hedgehog in situations like these:

* **Banking DApp**
* **Decentralized Lending**
* **Prediction Markets**


## A Closer Look

Hedgehog is a package that lives in your front end application to create and manage a user's entropy (from which a private key is derived). Hedgehog relies on a username and password to create auth artifacts, so it's able to simulate a familiar authentication system that allows users to sign up or login from multiple browsers or devices and retrieve their entropy. Those artifacts, through hedgehog, are persisted to a backend of your choosing.

**NOTE**: A private key is only computed and available client side and is never transmitted or stored anywhere besides the user's browser.

```javascript
// Provide getFn, setAuthFn, setUserFn as requests to your database/backend service (more details in docs).
const hedgehog = new Hedgehog(getFn, setAuthFn, setUserFn)
let wallet
if (hedgehog.isLoggedIn()) {
wallet = hedgehog.getWallet()
} else {
wallet = await hedgehog.login('username', 'password')
// or
wallet = await hedgehog.signUp('username', 'password')
}

```

After creating or retrieving a user's wallet, you can either **fund their wallet directly** to pay transaction fees or **relay their transactions through a EIP-712 relayer**.

More details in the [docs](http://audius.github.io/hedgehog-docs).
1 change: 1 addition & 0 deletions assets/HedgehogDrawing.svg
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.

0 comments on commit bdde736

Please sign in to comment.