Developer Q&A

Can you outline the basic functionality of NeoAuth?

When a user wishes to login to an application using NeoAuth, they will go through the following steps:

1. Input their NEO address.

2. Will be presented with two lines of text.

3. Copy and paste these two lines of text into a NEO smart contract invocation, which will invoke the NeoAuth smart contract.

4. NeoAuth smart contract saves these two lines of text in the NEO blockchain.

5. NeoAuth Client queries the NeoAuth Node to see if the two lines of text have been saved in the NEO blockchain.

6. When the NeoAuth Node detects that this has occured, the NeoAuth Client logs the user into the application.

Who will use NeoAuth and how will they benefit?

The existing NEO community will be the first to use NeoAuth. We're currently discussing how we can integrate NeoAuth into other applications within the NEO ecosystem.

After this we will aim to bring NeoAuth to a wider audience by wrapping the more complicated actions, such as invoking the NeoAuth smart contract, within a mobile app. This will allow anyone to make use of the improved security capabilities of NeoAuth without needing to understand what a blockchain or smart contract is.

Looking into the future, we are discussing the possibility of cross-chain authentication. This would allow NeoAuth to be used by the entire blockchain community.

What are your plans for ongoing development?

• Short term:
  - Integrate with Neon wallet
  - Integrate with Neo Link
  - Update smart contract with better security and user experience
  - Deploy smart contract to MainNet
  - Enter Microsoft competition
  - Go to NEO DevCon1

  Medium term:
  - Setup SAAS platform for businesses not wanting to run their own NeoAuth server
  - Embedded form widget
  - Mobile app
  - Login via a NEO transaction
  - Login via a signed off-chain transaction

  Long term:
  - Cross-chain authentication
  - ICO

Are there any other comparative projects on other blockchains, and does NeoAuth have any specific advantages being on the NEO platform?

Not that I know of. There is uPort (ETH) but that is aimed more at identity, not login (https://www.uport.me/). Transaction speed helps a lot with NEO as logins are processed quickly. - Low (or no) transaction cost helps a lot as well.
.

Is there any scope for integrating NeoID in the future, so users can sign up to websites in a “Connect with Facebook” type process?

NeoAuth aims to provide this in 2018. NeoID will add the identity part, so you can authenticate with NeoAuth and authorise with NeoID.

What language did you use for development?

• The smart contract was written in Python, using neo-python and neo-boa. The frontend components were written in Javascript.The backend API was writtin in Go.

What SDKs, APIs or frameworks did you use to develop NeoAuth?

• neo-go-sdk was used to interact with the NEO blockchain. NEO node RPC API was used to fetch data stored within the NEO blockchain. Go implementation of json web tokens was used to create authentication tokens. React framework was used to build the demo user interface. Docker was used to deploy the NeoAuth backend API.

How many hours to you think you spent in development on this project?

• A lot but it has been very rewarding. I started the project when the dApp contest was announced, and probably averaged around 10 hours per week.

How would you describe your experience developing on the NEO platform?

• I struggled with writing the smart contract when I started the project, as I attempted to implement it in Java. The community and resources were more focused on C# at this point.

  I stepped back and implemented the smart contract in Go to make sure that it worked. At this point I starting chatting with Tom Saunders (@localhuman) about neo-python.

  After these discussions I focused 100% on writing the smart contract in Python, and was surpised at the brilliant developer resources and community support surrounding the neo-python project.

  From that point on it was plain sailing, as the neo-python development environment and feedback loop was very similar to that of web development.

You rebranded after the dApp competition from BlockAuth. I love the new name, and I think it shows you’re serious about this project moving forward. Perhaps as importantly, it shows serious projects are being born from these dev competitions. To anyone out there who might have a NEO project they want to get off the ground, can you offer them any comments on how entering the first dev comp has helped NeoAuth?

• It forces you to work to a deadline and deliver something of value for the NEO ecosystem. You meet a great bunch of developers all working in the same space with a shared low level of understanding of this new technology and the reward allows you to rapidly grow the project.