Skip to content

base-org/webauthn-sol

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

58 Commits

.github/workflows

.github/workflows

 
 

audits

audits

 
 

lib

lib

 
 

src

src

 
 

test

test

 
 

.gas-snapshot

.gas-snapshot

 
 

.gitignore

.gitignore

 
 

.gitmodules

.gitmodules

 
 

LICENSE.md

LICENSE.md

 
 

README.md

README.md

 
 

foundry.toml

foundry.toml

 
 

Repository files navigation

Solidity WebAuthn Authentication Assertion Verifier

Webauthn-sol is a Solidity library for verifying WebAuthn authentication assertions. It builds on Daimo's WebAuthn.sol.

This library is optimized for Ethereum layer 2 rollup chains but will work on all EVM chains. Signature verification always attempts to use the RIP-7212 precompile and, if this fails, falls back to using FreshCryptoLib.

Important

FreshCryptoLib uses the ModExp precompile (address(0x05)), which is not supported on some chains, such as Polygon zkEVM. This library will not work on such chains, unless they support the RIP-7212 precompile.

Code excerpts

struct WebAuthnAuth {
    /// @dev https://www.w3.org/TR/webauthn-2/#dom-authenticatorassertionresponse-authenticatordata
    bytes authenticatorData;
    /// @dev https://www.w3.org/TR/webauthn-2/#dom-authenticatorresponse-clientdatajson
    string clientDataJSON;
    /// The index at which "challenge":"..." occurs in clientDataJSON
    uint256 challengeIndex;
    /// The index at which "type":"..." occurs in clientDataJSON
    uint256 typeIndex;
    /// @dev The r value of secp256r1 signature
    uint256 r;
    /// @dev The s value of secp256r1 signature
    uint256 s;
}

function verify(
    bytes memory challenge,
    bool requireUserVerification,
    WebAuthnAuth memory webAuthnAuth,
    uint256 x,
    uint256 y
) internal view returns (bool)

example usage

bytes challenge = abi.encode(0xf631058a3ba1116acce12396fad0a125b5041c43f8e15723709f81aa8d5f4ccf);
uint256 x = 28573233055232466711029625910063034642429572463461595413086259353299906450061;
uint256 y = 39367742072897599771788408398752356480431855827262528811857788332151452825281;
WebAuthn.WebAuthnAuth memory auth = WebAuthn.WebAuthnAuth({
    authenticatorData: hex"49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d97630500000101",
    clientDataJSON: string.concat(
        '{"type":"webauthn.get","challenge":"', Base64Url.encode(challenge), '","origin":"http://localhost:3005"}'
        ),
    challengeIndex: 23,
    typeIndex: 1,
    r: 43684192885701841787131392247364253107519555363555461570655060745499568693242,
    s: 22655632649588629308599201066602670461698485748654492451178007896016452673579
});

Developing

After cloning the repo, run the tests using Forge, from Foundry

forge test

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

48 stars

Watchers

11 watching

Forks

14 forks
Report repository

Releases 1

Release v1.0.0 Latest
Apr 22, 2024

Packages

No packages published

Contributors 2

Languages