Tauri + Internet Computer + II: A Desktop App for 2FA Secrets & TOTP Generation

Hi DFINITY community!

I’d like to share a project I’ve been working on recently — ic-2fa-auth. It’s a demo desktop app built with Tauri v2, integrating the Internet Computer and Internet Identity. The app allows you to securely store 2FA secrets and generate TOTP codes in a native desktop environment.


A bit of background

Building desktop apps always seemed complex to me. While I respect the tremendous work behind Electron and its huge ecosystem, I was never really excited by the idea of bundling a browser into every app. That changed when I discovered Tauri — it made me want to create a lightweight app that connects to the Internet Computer.

Authentication is a core part of most apps, and that’s where I hit some roadblocks. Initially, all I had was this forum post from @sea-snake (thank you!) outlining some steps, and a strong desire to make it work.

Later, I found a Global R&D video from November 2024 and the article Secure II integration on mobile, which shed more light on mobile/desktop II integration. Thanks to these resources, community posts, and code examples, I was finally able to complete my app for securely storing 2FA secrets and generating TOTP codes using Tauri + IC + II.



Stack and architecture

  • Frontend: built with Angular (my favorite framework — I love the direction it’s been heading lately).
  • Backend: written in Motoko, running inside a Docker container with Caddy to simulate a production-like environment even during local development (since Tauri’s webview can throw errors when making HTTP requests).
  • CI/CD: I set up a GitHub Actions workflow based on tauri-action, with some tweaks for IC integration and auto-generating a .env file used by the frontend build.
  • Special thanks to @ZhenyaUsenko for the Map v9 module, which I used on the backend.

Why I’m posting this

I didn’t want to just drop a GitHub repo without telling the story behind it. I truly hope that sharing my experience, code, and the lessons learned will help other developers, or maybe even inspire someone to explore a new direction with their own IC apps.

If you have any questions, suggestions, or thoughts — feel free to reply here!

5 Likes

Glad to hear you found the Secure II integration on mobile article; my older post didn’t describe an in-between key pair that mitigates the security issues with directly delegating to the native app key pair.

I’ve updated my original post to follow this security recommendation and link to the article.

On another note, for next steps, I’d suggest looking into VetKD to encrypt the secrets before they’re stored on chain. Here’s an example implementation: examples/motoko/encrypted-notes-dapp-vetkd at master · dfinity/examples · GitHub

1 Like

The current implementation uses an intermediate key, as recommended in the article. A sequence diagram, similar to the one in the article, is also included in the repository.

Thank you for the valuable suggestion regarding encryption — it’s a great idea for further improvement! I already have experience working with vetKD in my main application, and I’m eagerly awaiting the full release of this long-anticipated feature so I can add support for it in this project as well.

1 Like