Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feedback on Blockchain Claims for use in JWT #128

Open
jaredhanson opened this issue Aug 8, 2022 · 6 comments
Open

Feedback on Blockchain Claims for use in JWT #128

jaredhanson opened this issue Aug 8, 2022 · 6 comments

Comments

@jaredhanson
Copy link

Hello! I work at Okta/Auth0, am an advisor to Dynamic, and maintain various Node.js packages for identity-related functionality (Passport.js, OAuth2orize, etc.)

I've put together a proposal on how to represent blockchain accounts and assets in a JWT. As off-chain applications adopt Web3 technologies, through specifications such as CAIP-122, this allows services to have a common way to do authorization based on accounts or assets owned (token-gating).

I'd love to get this communities feedback on the proposal. If there's interest, I will submit a PR to this repo consideration as a CAIP. Thanks!

https://github.com/jaredhanson/id-blockchain-claims-in-jwt
@bumblefudge
Copy link
Collaborator

This is very interesting-- but I'm not sure very many of us in CASA are JW* experts, much less experts in how OIDC tokens profile JW*. Is the goal to get CASA feedback first and use that to define a JWT profile/scheme for IANA?

@jaredhanson
Copy link
Author

Yeah, that's the objective. Standardizing the claims so they are in the IANA registry would be the ideal outcome. The specification (once finalized) could be submitted to the most relevant organization, I suspect IETF would be appropriate but it could also be hosted here if there is interest. Either way, feedback from this community would be appreciated.

@awoie
Copy link

awoie commented Aug 26, 2022
edited

I think this is really useful. This allows people to include blockchain accounts in JOSE objects without name ambiguity. Also +1 for registering in IANA after the CAIP was approved. A lot of applications don't allow custom claims if they are not registered in IANA or don't use identifiers with collision-resistant names, e.g., using reverse domain, URIs. This CAIP would solve this issue.

@bumblefudge bumblefudge mentioned this issue Sep 6, 2022
Closed
@kdenhartog
Copy link
Contributor

Thanks for dropping a message here. I opened an issue on that repo, but happy to move the discussion over here. Which would you prefer @jaredhanson?

@ritave
Copy link
Contributor

ritave commented Nov 17, 2022

On the topic of JWTs and to add some context, MetaMask Snaps was surprised that we had a request to expose ability to sign JWTs.

We didn't see the use-case, but if there's enough feature requests we'd like to revisit it.

@bumblefudge bumblefudge mentioned this issue Nov 19, 2022
Open
8 tasks
@bumblefudge
Copy link
Collaborator

bumblefudge commented Feb 7, 2023
edited

@jaredhanson any update here? DM me on Discord, twitter, etc if a 1:1 meeting would help!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jaredhanson @ritave @kdenhartog @bumblefudge @awoie