NeoAuth allows users to login to web and mobile applications using their NEO address. It removes the need for an email and password, and instead makes use of NEO's public key cryptography to securely login.View demo
The NeoAuth smart contract acts as the secure proof that a successful login attempt has occured. It is written in Python, lightweight and free to use.
The NeoAuth Node is an API which is hosted by NeoAuth but can also be run by a business. It is the bridge between the NeoAuth Client and the NEO blockchain.
Can you outline the basic functionality of NeoAuth?
When a user wishes to login to an application using NeoAuth, they will go through the following steps:
1. Input their NEO address.
2. Will be presented with two lines of text.
3. Copy and paste these two lines of text into a NEO smart contract invocation, which will invoke the NeoAuth smart contract.
4. NeoAuth smart contract saves these two lines of text in the NEO blockchain.
5. NeoAuth Client queries the NeoAuth Node to see if the two lines of text have been saved in the NEO blockchain.
6. When the NeoAuth Node detects that this has occured, the NeoAuth Client logs the user into the application.
Who will use NeoAuth and how will they benefit?
The existing NEO community will be the first to use NeoAuth. We're currently discussing how we can integrate NeoAuth into other applications within the NEO ecosystem.
After this we will aim to bring NeoAuth to a wider audience by wrapping the more complicated actions, such as invoking the NeoAuth smart contract, within a mobile app. This will allow anyone to make use of the improved security capabilities of NeoAuth without needing to understand what a blockchain or smart contract is.
Looking into the future, we are discussing the possibility of cross-chain authentication. This would allow NeoAuth to be used by the entire blockchain community.
What are your plans for ongoing development?
- Integrate with Neon wallet
- Integrate with Neo Link
- Update smart contract with better security and user experience
- Deploy smart contract to MainNet
- Enter Microsoft competition
- Go to NEO DevCon1
- Setup SAAS platform for businesses not wanting to run their own NeoAuth server
- Embedded form widget
- Mobile app
- Login via a NEO transaction
- Login via a signed off-chain transaction
- Cross-chain authentication
Are there any other comparative projects on other blockchains, and does NeoAuth have any specific advantages being on the NEO platform?
Not that I know of. There is uPort (ETH) but that is aimed more at identity, not login (https://www.uport.me/). Transaction speed helps a lot with NEO as logins are processed quickly. - Low (or no) transaction cost helps a lot as well.
Is there any scope for integrating NeoID in the future, so users can sign up to websites in a “Connect with Facebook” type process?
NeoAuth aims to provide this in 2018. NeoID will add the identity part, so you can authenticate with NeoAuth and authorise with NeoID.
What language did you use for development?
What SDKs, APIs or frameworks did you use to develop NeoAuth?
- neo-go-sdk was used to interact with the NEO blockchain. NEO node RPC API was used to fetch data stored within the NEO blockchain. Go implementation of json web tokens was used to create authentication tokens. React framework was used to build the demo user interface. Docker was used to deploy the NeoAuth backend API.
How many hours to you think you spent in development on this project?
- A lot but it has been very rewarding. I started the project when the dApp contest was announced, and probably averaged around 10 hours per week.
How would you describe your experience developing on the NEO platform?
I struggled with writing the smart contract when I started the project, as I attempted to implement it in Java. The community and resources were more focused on C# at this point.
After these discussions I focused 100% on writing the smart contract in Python, and was surpised at the brilliant developer resources and community support surrounding the neo-python project.
From that point on it was plain sailing, as the neo-python development environment and feedback loop was very similar to that of web development.
You rebranded after the dApp competition from BlockAuth. I love the new name, and I think it shows you’re serious about this project moving forward. Perhaps as importantly, it shows serious projects are being born from these dev competitions. To anyone out there who might have a NEO project they want to get off the ground, can you offer them any comments on how entering the first dev comp has helped NeoAuth?
It forces you to work to a deadline and deliver something of value for the NEO ecosystem. You meet a great bunch of developers all working in the same space with a shared low level of understanding of this new technology and the reward allows you to rapidly grow the project.
“NeoAuth demonstrates how NEO’s vision of digital identity can power any third-party application using blockchain based authentication. And beyond the immediate power of the application, its code is incredibly well designed and commented.”
City of Zion Council
Join the NEO Stack Exchange
The NEO Blockchain Stack Exchange site was proposed in order to give developers a place to ask questions, get answers, and discuss the NEO blockchain with each other. We're about halfway to getting the site to Beta status, and every commit to the proposal helps.commit to the proposal here!