Ideally we should support MetaMask, or any other existing wallet, and passkeys as methods of authentication. The user should be able to receive/send transactions once they have authenticated via one of the methods.
Auth via MetaMask
MetaMask supports deterministic ECDSA signatures. That is, two signatures produced at two different timestamps, but on the same message and with the same secret, will be the same. The hash of the signature (with the decorator) becomes the seed. The seed can be used to derive multiple secrets, especially the spend key.
I'm unsure which other wallets support deterministic ECDSA signatures.
Auth via Passkeys
Passkeys have optional PRF support, which allows deterministic seed derivation across two different timestamps. Several applications use the PRF to derive symmetric encryption keys, for instance. Following are links to further content:
Encrypted note transmission
Once we have a secret seed derived securely from either MetaMask or a passkey, the seed can be used to derive different key types: keys for note transmission over the network, private_identifier, and spend_key.
Note that in the protocol, private_identifier and spend_key are distinct; they need not be linked to each other. The nullifier key, the public identifier, and the address are derived from the private_identifier. The protocol does not care about note transmission, so viewing keys are not taken care of by the protocol (they are taken care of at the application level).
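The seed and key derivation described in the sections above, as an added example for Node.js (not the project's own code). SHA-256, HKDF-SHA256, the decorator string, the labels, the 65-byte r||s||v signature encoding and the 32-byte PRF output are assumptions; the low-s canonicalisation step goes beyond what the note specifies.

```javascript
// Added example: hypothetical names and constructed values, not the project's code.
const { createHash, hkdfSync } = require('node:crypto');

// secp256k1 group order, used to canonicalise s into low-s form.
const N = BigInt('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141');

// Hypothetical decorator and purpose labels; the note does not specify them.
const DECORATOR = 'example-app/seed/v1';
const LABELS = ['note_transmission_key', 'private_identifier', 'spend_key'];

// seed = SHA-256(decorator || r || s). The recovery byte v is dropped and s is
// forced low, so a 27/28 vs 0/1 or high-s encoding cannot change the seed.
function seedFromSignature(sigHex) {
  const hex = sigHex.replace(/^0x/, '');
  if (!/^[0-9a-fA-F]{130}$/.test(hex)) throw new Error('expected 65-byte r||s||v signature');
  const r = BigInt('0x' + hex.slice(0, 64));
  let s = BigInt('0x' + hex.slice(64, 128));
  if (r === 0n || s === 0n || r >= N || s >= N) throw new Error('r or s out of range');
  if (s > N / 2n) s = N - s;
  const rs = r.toString(16).padStart(64, '0') + s.toString(16).padStart(64, '0');
  return createHash('sha256').update(DECORATOR).update(Buffer.from(rs, 'hex')).digest();
}

// Passkey path: hash the PRF output under the same decorator.
function seedFromPrf(prfOutput) {
  if (prfOutput.length !== 32) throw new Error('expected 32-byte PRF output');
  return createHash('sha256').update(DECORATOR).update(prfOutput).digest();
}

// One HKDF expansion per purpose, so private_identifier and spend_key are
// computationally independent of each other given only one of them.
function deriveKeys(seed) {
  const keys = {};
  for (const label of LABELS) {
    keys[label] = Buffer.from(hkdfSync('sha256', seed, Buffer.alloc(0), label, 32)).toString('hex');
  }
  return keys;
}
```

Anyone who obtains the signature can recompute every key, so the signed message has to be one that is never signed for any other purpose and the signature itself is never stored or transmitted. Mapping the 32-byte outputs into the protocol's actual key formats is not covered here.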