How would we feel about an on-chain authenticator?


Hi everyone!

In my spare time I’ve been working on a project called ICAuthenticator, a fully on-chain two-factor authentication (2FA) solution built on the Internet Computer. The idea is to leverage HMAC and standard time-based methods (like TOTP) to generate secure codes. The central component is an authentication canister, which acts as a trusted entity for issuing and verifying codes on behalf of service providers.

Here’s a high-level overview:

  • Core Features: Securely store and generate 2FA codes using decentralized infrastructure.
  • Centralized Canister: The auth canister issues and verifies codes on behalf of registered providers, ensuring a streamlined and secure experience.
  • User-Provider Model: Providers can register entities, and users can manage their devices while keeping everything on-chain.
  • Standardized Approach: Built using widely accepted security standards to ensure compatibility and reliability.

I’m curious to float the idea around and gauge the community’s interest in this concept.

8 Likes

This won’t work as TOTP are secrets and you have no way to get them into or out of the canister without exposing them to nodes and gateways.

Everything on the IC must be signature based, like on all blockchains.

The docs regarding vetKeys mentions time-lock encryption so I suppose it should be technically possible.

Keep in mind vetKeys isn’t available yet but it’s on the roadmap, there’s a mock implementation example that can be used to develop with right now. Do not use this mock implementation on production, it is not secure.

As for right now, you could use a transport key pair to at least encrypt them during transit through gateways. But without vetkeys they would indeed be still at risk of exposure to malicious node providers.

1 Like

That’s a valid concern, my thought is to encrypt the TOTP secrets on the client side before sending them to the canister. The canister would only store the encrypted secrets and use cryptographic operations like threshold encryption to validate codes, so the secrets are never exposed. It’s kinda like how Chain Key works now. I’d still want vet-keys implemented to be fully confident in the security, though.

This is exactly my thought process