Comment on page
Presenting and Motivating the Wallet SSO Authentication mechanism
As the player starts adding many games to their craftware webapp, how can we make sure they log in and access their games with the least number of steps possible while insuring a secure and safe approach?
At heart, we want the players to login while respecting the following:
- Ease of Use: Players should be able to authenticate seamlessly to all the games in the craftware ecosystem. The player authentication should not be in the way of normal player operations.
- Security and Privacy: Craftware should not be able to access - in plain text - game-specific credentials or confidential informations through the login process.
- Scalability: The player should not find it harder to login as the number of games involved in their craftware experience increase.
On the other hand, we want to help Games in the craftware ecosystem to ensure:
- Flexible Integration: Craftware should not force the game to implement a specific type of authentication mechanism. Rather, we allow the game to set its own authentication method and hook it to a simple access token. For the time being, we encourage a Token-based authentication for better compatibility with the web.
- Control of the Authentication: The final say in authenticating a user should be completely in the hands of the game.
- Data Safety: No unwanted credentials or private user information need to be shared with Craftware for the authentication to complete.
We designed a Web3 Authentication mechanism using your crypto wallet as your universal identity on Craftware. This helps the users gain unified, fast and effortless access to their games store-front on Craftware, while letting Games internally map user profiles to the wallets.
- Contrary to other approaches that try to establish a universal identity, we simply need the wallet to authenticate and validate a login request.
- At this stage, we are not exploring user profile teleporting across games, so keeping isolated game-specific user profiles is not an issue.
- We want to minimize relying on 3rd-party services that involve unecessary control and/or data collection.
The wallet authentication protocol will allow the player who accesses the Craftware webapp, to login to their game users with one click (and one cryptographic signature) and allow them to access all the offered services like viewing your bag and using the Port Protocol to export your bag items to the blockchain.
We will walk through three scenarios the player might encounter to illustrate the different parts of the authentication process:
As a game manager, the wallet authentication protocol sits in parallel to any existing authentication mechanism as part of the distributed Craftware SDK. Check "Setting Up Wallet Authentication" tutorial to add it today!