iOS built-in authenticator and auto-fill of authenticator code #190
Labels
enhancement
New feature or request
frontend infra
Frontend infrastructure stuff (state management, etc.)
ui
iOS 15 and macOS Monterrey now support built-in authenticator, secured by Apple's FaceID and various other technologies. We will make 1wallet fully support these new features for wallet setup and all operations. This means the user may authenticate themselves using FaceID, biometric sensor, or standard password (of their device), after they setup the authenticator-code using iOS / macOS built-in authenticator.
The built-in authenticator will be automatically fill in the code wherever applicable. The seeds will be stored in the user's devices securely under their (Apple) keychain. If they sync their iCloud keychain, these seeds will be automatically and securely backed up to iCloud (encrypted).
Note that this does not prevent the user to setup the authenticator code on their Google Authenticator at the same time. It does not disrupt any existing mechanism.
Since the built-in authenticator does not expose seed, this implies we will add a new mechanism for restoring wallet, so that users solely rely on Apple built-in authenticator may still restore the wallet, and users using other authenticators won't need to go through the ordeal of exporting QR code from Google Authenticator.
The planned mechanism is similar to an initial design proposed in the Wiki for consecutive OTP: after the user correctly provides six successive authenticator codes, we will let the user set up a new authenticator code (via either iOS built-in authenticator or Google Authenticator). See #191. The new authenticator code and the old code will both be accepted by the wallet.
The text was updated successfully, but these errors were encountered: