Varun Srinivasan
@v
EIP to validate passkeys on-chain with a precompile: https://eips.ethereum.org/EIPS/eip-7212#motivation This would be huge for AA wallets. I'm curious if anyone has a pulse on how likely this is to pass; it seems like there's usually a lot of contention around adding precompiles.
10 replies
8 recasts
50 reactions

EulerLagrange.eth
@eulerlagrange.eth
With largeBlob storage it’ll be possible to store any key type along with a passkey, but it can be read by the app loading it. Not as secure as the enclave, but you don’t have to precompile the P256 curve. You can use secp256k1 (as some demo wallets have done).
1 reply
0 recast
0 reaction

Peter Ferguson
@peterferguson.eth
The WebAuthn spec doesn't specify a curve ... so if providers like browsers, Apple and Google build other curves into their passkey spec, you don't need the large blob. https://www.w3.org/TR/webauthn-2/#sctn-alg-identifier
1 reply
0 recast
0 reaction

EulerLagrange.eth
@eulerlagrange.eth
Using the passkey in the enclave requires a Face ID for every interaction. If you’re sending a tx then it’s fine. For Farcaster, if you use the delegated signer in this way you’d have to do a Face ID check for each like, recast, etc.
1 reply
0 recast
1 reaction

Peter Ferguson
@peterferguson.eth
Seems like a drawback of the delegated signer rather than the passkey. With the current CRDT model that is not the case, but I haven’t looked into the delegated signers spec. Maybe something to think about as more abstracted accounts come onchain. Maybe @v can shed some light?
2 replies
0 recast
0 reaction

Varun Srinivasan
@v
The model I like is using passkeys to control the custody address, via large blob or AA wallet. The delegate signers can be treated as low security and kept wherever (encrypted in a db, in keychain, etc.). It's silly to put the delegate signer in a wallet or enclave that requires an auth for every cast.
2 replies
0 recast
0 reaction

EulerLagrange.eth
@eulerlagrange.eth
LargeBlob will let you load the key into memory after the initial Face ID. So it doesn’t require an auth per action. You could store delegate signers there, and it’ll sync between your devices via Chrome/iCloud.
1 reply
0 recast
0 reaction

Peter Ferguson
@peterferguson.eth
The only advantage of storing the delegates in large blob is the passing of the key across platforms/devices. But why not just store it securely in a db, as is done now?
1 reply
0 recast
0 reaction