Small Grant: Passkey Holder

Project Name: “Passkey Holder” for Sia (Working Title)
Project Lead: Oleh N.

Project Description

The “Passkey Holder” (TBD) browser extension will provide users with a decentralized approach to store and manage their passkeys on the Sia network, seamlessly integrating with the WebAuthn API on web pages to ensure reliable handling of authentication requests. This approach will significantly enhance user autonomy and control over authentication data, aligning with principles of user-centric data management.

Popular password and passkey management solutions, such as iCloud Keychain and Google Password Manager, present a critical limitation by not allowing users to export their passkeys. Users of these platform-specific solutions often find themselves tied to their vendor-specific platforms, facing significant challenges if they decide to switch platforms. The “Passkey Holder” will address this problem by providing true portability and decentralized storage of authentication credentials.

Users will be able to seamlessly link the extension to their renterd node through a simple configuration process within the extension’s interface. Once connected, the extension will initiate automatic passkey synchronization, ensuring up-to-date credential access across all devices. This architecture will allow users to install the extension on any compatible browser across their devices, ensuring seamless access to all their passkeys through supported browsers.

Security is a top priority. Passkey registration data will be encrypted on the user’s device before being stored on the Sia network, ensuring enhanced user control over credentials. The result will be not only enhanced privacy but also greater freedom in managing digital keys, leading to a more personalized and secure authentication process. Ultimately, this strategy will empower users with improved data privacy and true ownership of their authentication credentials, prioritizing user autonomy and security.

How does the projected outcome serve the Foundation’s mission of user-owned data?

The project’s decentralized passkey storage on the Sia network will directly embody the foundation’s commitment to user-centric data control. By enabling users to independently manage their credentials across various platforms, it will break the confines of vendor-specific ecosystems, aligning with the foundation’s vision of returning data sovereignty to individuals. This implementation will not only ensure accessibility and confidentiality but also address current security challenges in the digital identity space.

As WebAuthn gains prominence, the integration of passkey storage within the Sia network, combined with its implementation in popular browsers, will introduce the concept of decentralized data storage to a wide audience. This approach will support the foundation’s goal of making decentralized storage accessible and practical for everyday use.

In its essence, by facilitating user-controlled digital identities, the project will exemplify the foundation’s vision of a decentralized, user-empowered digital landscape. It will advance digital autonomy and security, directly supporting the foundation’s goal of promoting user-owned data.

Budget Justification

The project author is requesting a grant of $9,000 to support a full-time commitment as the lead developer of the “Passkey Holder” browser extension. This funding should be allocated in three equal monthly payments over the 3-month timeline to ensure consistent financial support, allowing the author to fully dedicate time and effort to the meticulous development and implementation of the project.

Project Goals

  • Create a fully-functional extension compatible with Chrome and Firefox browsers that will seamlessly intercept and process WebAuthn events, ensuring a smooth user experience.

  • Design and deploy a robust mechanism for securely storing passkeys on the Sia network, leveraging the decentralized nature of Sia to enhance data protection and user control.

  • Develop an efficient synchronization system that will ensure passkeys are consistently and securely updated across all user browsers, maintaining data integrity and availability.

Potential Risks

The WebAuthn specification is complex.
Ensuring consistent functionality across diverse websites may present challenges due to variations in how different sites implement WebAuthn. There may be a possibility of encountering yet-undiscovered technical obstacles that may impede the “Passkey Holder” from correctly processing WebAuthn mechanisms on certain websites.

Will all of your project’s code be open-source?

Yes!

Where code will be accessible for review?

Do you agree to submit monthly progress reports?

Yes.

Contact info

Email: [email protected]
Discord: new0ne

Thanks for your proposal to The Sia Foundation Grants Program. After review, the committee has decided to approve this proposal! They do have some notes to pass along though:

  • They recommend a switch to either building on top of S5, or supporting multiple backends like S5, IPFS, and renterd. Dealing with a routing layer and building accounts will be better served by including these services.

Regardless, congratulations on your approval. We’ll reach out to the provided email address to begin onboarding. Onboarding can take up to a couple of weeks, so be prepared to adjust your timelines slightly as we go through the process.

Dear Steve and Sia Foundation Grants Committee,

I am deeply grateful for your resolute backing of this project. Your trust is immensely valuable to me and is incredibly motivating.

Thank you for your insights on S5 and multiple backend support. I value these recommendations and keep these ideas in mind as I develop the solution to unleash the project’s potential.

With enthusiasm and gratitude,
Oleh.