HushList-based Authparty Authentication

[matthewjamesr]

Proposal

Authparty is a authentication scheme, developed by @matthewjamesr built on-top of PKI that easily authenticates a user based on custodial access to a defined cryptocurrency wallet, with built-in support for Token Controlled Access (TCA) via Counterparty. It has two primary levels of authentication:

• Level One: Custodial Access. The ability to sign unique messages via a wallet's pub+priv key.
• Level Two: Token Controlled Access: The ability to adjudicate further access based on Counterparty assets held by a Level One authenticated user.

HushList Integration

Integrating the Authparty authentication scheme for HushList is trivial. The following assumptions must be accomplished:

• URI Scheme: A proper URI scheme must be adapted to support Authparty authentication strings.
  • Counterparty-based URI Example: counterparty:?action=sign&message=Authparty%20Login%20aHuRJjJGLhENZco&icon=http%3A%2F%2Fauthparty.io%2FAssets%2Fauthparty-icon-48x48.png&callback=http%3A%2F%2Fdev.authparty.io%2Fapi%2Fv1%2Fauthorize_login%3Fmodal_id%3DKkHKvJNcmnEkCux
  • Variables:
    • ACTION: sign
    • MESSAGE: Authparty-generated one-time string
    • ICON: Provider logo
    • CALLBACK: Callback referencing websocket
• Level Two Authentication: Token Controlled Access must be replaced. It is possible to generate a new HushList serving as a TCA object, with each subsequent message representing an updated list of authorized wallet addresses
  • Potential HushList Authparty Object (JSON Array).
    • Address: ADDRESS
    • Enabled: DATETIME
    • Expires: DATETIME