Porting User Authentication from Node.js to ICP

Introduction

As the CTO of PixelPaddle, Mr. Syed Yasir Iqbal is thrilled to share our recent transition from a traditional Node.js server to the Internet Computer Protocol (ICP) for our authentication module. This move was driven by our commitment to enhancing security, scalability, and user experience. In this article, I’ll walk you through the reasons behind our shift, the challenges we faced, and how we overcame them.

What is PixelPaddle?

PixelPaddle’s journey into the Canadian and North American markets represents a pioneering venture set to redefine the sports entertainment landscape. By leveraging the transformative potential of the metaverse, PixelPaddle aims to tackle various challenges within the sports industry and create immersive, AI-powered digital experiences. With a focus on enhancing fan, athlete, and team connections, PixelPaddle employs blockchain and AI to provide innovative solutions and capture a significant market share in the growing online sports market.

Introduction to ICP

The Internet Computer Protocol (ICP) is a groundbreaking technology developed by the DFINITY Foundation, designed to create a decentralized internet. Unlike traditional blockchains, ICP runs at web speed and can scale to support any volume of data and computation. It allows developers to build and deploy software directly on the internet without the need for centralized servers, offering a truly decentralized infrastructure. ICP’s robust security, scalability, and decentralization make it an ideal choice for modern applications looking to harness the power of blockchain technology.

Why Port from a Centralized Server to ICP?

Our initial setup was centralized, which, while functional, posed several challenges:

  1. Single Point of Failure: Our centralized server was a potential single point of failure.
  2. Scalability Issues: As our user base grew, the server struggled to handle the increasing load.
  3. Security Concerns: Centralized servers are more vulnerable to attacks and data breaches.

By transitioning to ICP, we aimed to:

  • Enhance Security: Leverage ICP’s robust security features.
  • Improve Scalability: Benefit from ICP’s ability to handle large transaction volumes.
  • Achieve Decentralization: Reduce dependency on a single server and enhance system resilience.

Why We Chose Azle

Azle is a powerful framework that simplifies building applications on the Internet Computer using TypeScript and JavaScript. We chose Azle for several reasons:

  • Familiarity: Azle allows us to use familiar JavaScript/TypeScript syntax, making the transition smoother for our development team.
  • Ease of Use: Azle provides a robust set of tools and abstractions that simplify the development process on ICP.
  • Integration: Azle seamlessly integrates with existing tools and libraries, enabling us to leverage our existing codebase and knowledge.

Successful Porting of User Authentication Module

We successfully ported our user authentication module from Node.js to ICP. The process involved several steps and presented various challenges.

Challenges and Solutions

  1. NPM Libraries Compatibility:
  • Challenge: Many NPM libraries don’t work seamlessly with Azle on the IC, leading to compatibility issues.
  • Solution: To overcome this, we relied on native JavaScript and Node.js. This approach allowed for greater control and ensured compatibility with the IC environment.

2. CORS (Cross-Origin Resource Sharing):

  • Challenge: The cors library was not functioning correctly with Azle.
  • Solution: We manually set the appropriate headers to allow cross-origin requests, ensuring that the application could interact with other services and front-end applications.

3. Canister Size Limitations:

  • Challenge: Using the Candb library caused the canister size to exceed the deployment limit, making it impossible to deploy the canister.
  • Solution: To address this, we switched to using StableBTreeMap, which is a more storage-efficient data structure. This change helped manage the canister’s state more effectively without exceeding the size limits imposed by the IC.

4. CORS (Cross-Origin Resource Sharing):

  • Challenge: ICP uses canisters, which are quite different from traditional databases.
  • Solution: We implemented a mapping of user data within BTree canisters and ensured efficient data retrieval. However, we are planning to migrate from BTree to Candb canister for more optimized storage.

5. Token Management:

  • Challenge: Transitioning from JWT to ICP tokens required a different approach to session management. The npm package jsonwebtoken used in Node.js didn’t work in the ICP environment due to limited support.
  • Solution: We created a custom implementation for generating JWT-like tokens. This involved creating signatures manually using the following function:

function createJwtSignature(jwtB64Header: string, jwtB64Payload: string): string {
const secretObj = secretMap.get(“jwtsecret”);
const secret = secretObj.Some?.toString()!;
const signature = crypto.createHmac(‘sha256’, secret);
signature.update(${jwtB64Header}.${jwtB64Payload});
const signatureBase64 = signature.digest(‘base64’);
return replaceBase64SpecialChars(signatureBase64);
}

6. Performance Optimization:

  • Challenge: Initial implementations were slower due to the decentralized nature of ICP.
  • Solution: We optimized canister interactions and reduced redundant data fetching.

Flow Diagram: Authentication in Node.js

Here’s a visual representation of how our authentication module functioned in Node.js:

Flow Diagram: Authentication in ICP

Here’s how the authentication module operates in ICP now:

GitHub Repository

For a detailed look at our implementation, including the complete code and setup instructions, please visit our GitHub repository

Forward

Porting our authentication module from Node.js to ICP was a transformative experience. Despite the challenges, the benefits of enhanced security, decentralization, and scalability made it a worthwhile endeavor. Leveraging Azle allowed us to transition smoothly, maintain compatibility with our existing codebase, and optimize our application for ICP’s unique environment. Moving forward, we plan to continue refining our use of ICP and exploring additional opportunities it offers for further enhancing our platform.

Call to Action

If you’re considering a move to ICP or are curious about developing decentralized applications, we encourage you to explore the capabilities of Azle and ICP. Feel free to reach out with any questions or share your experiences. Together, we can push the boundaries of what’s possible with decentralized technology. Let’s innovate together!
#ICP #PixelPaddle #Blockchain #Sports #Metaverse

6 Likes