Paper 2022/1646

Blockin: Multi-Chain Sign-In Standard with Micro-Authorizations

Matt Davison, Virginia Tech
Ken King, Virginia Tech
Trevor Miller, Virginia Tech
Abstract

The tech industry is currently making the transition from Web 2.0 to Web 3.0, and with this transition, authentication and authorization have been reimag- ined. Users can now sign in to websites with their unique public/private key pair rather than generating a username and password for every site. How- ever, many useful features, like role-based access control, dynamic resource owner privileges, and expiration tokens, currently don’t have efficient Web 3.0 solutions. Our solution aims to provide a flexible foundation for resource providers to implement the aforementioned features on any blockchain through a two-step process. The first step, authorization, creates an on-chain asset which is to be presented as an access token when interacting with a resource. The second step, authentication, verifies ownership of an asset through querying the blockchain and cryptographic digital signatures. Our solution also aims to be a multi-chain standard, whereas current Web 3.0 sign-in standards are limited to a single blockchain.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint.
Keywords
blockchain security authorization smart contracts access control algorand sign-in authentication nft
Contact author(s)
mattd7 @ vt edu
kking935 @ vt edu
trevormil @ vt edu
History
2022-11-28: approved
2022-11-27: received
See all versions
Short URL
https://ia.cr/2022/1646
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/1646,
      author = {Matt Davison and Ken King and Trevor Miller},
      title = {Blockin: Multi-Chain Sign-In Standard with Micro-Authorizations},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1646},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/1646}},
      url = {https://eprint.iacr.org/2022/1646}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.