UCAN (do) secure key management in the browser, with Ben Bollen

As the first part of our Filecoin grant project, we’ve been working on linking Fission platform accounts, which are built out of DIDs and our decentralized auth protocol UCAN.

@benjaminbollen has been leading this research and vetting it with @expede. We’re ready to share what we’ve designed to date of securely storing Filecoin keys in the browser and the end to end system involved.

Outline of the presentation:

  • Overview of Fission Platform and Account System: understanding the platform and how we use keys, the WebCrypto API, DIDs, and UCAN
  • Plan for connecting Filecoin accounts: our research today and our “intent to implement” of building on top of Fission’s webnative library so no browser extensions are needed
  • Backup App on Fission: this is our final deliverable, but we’ll describe at a high level what this is and how we envision it working, and how other people can follow this pattern to build their own apps that talk to Filecoin from the browser

We may also review the Fission Account Recovery Plan, as this is likely to be of interest to this audience.

Video

Source video on IPFS

Slides

Prose write up of slides in the Webnative Filecoin project »

@boris Fission Background Slides

@benjaminbollen UCAN Secure Keys in Browser

Resources

Notes from @danfinlay https://roamresearch.com/#/app/capabul/page/0KVUg8MGH

Also from Dan, request for more info on Powergate. We’ll pull together a system / component level diagram that should make this clearer.

3 Likes