JustAuth | Social Auth on TRON

Project Name: Just Auth
Project Track: Web3

Team Name: JustAuthDevs
Team Member(s): 2

DevPost Project Link: JustAuth | Devpost

Project Goal:
JustAuth aims to simplify and secure the authentication process for dapps on the TRON blockchain. Our goal is to provide a user-friendly, secure, and seamless authentication solution that bridges the gap between traditional web applications and blockchain-based dApps. By doing so, we aim to accelerate the adoption of Web3 technologies and make blockchain interactions more accessible to a broader audience.

Project Value:
JustAuth brings significant value to the blockchain ecosystem by:

• Simplifying User Onboarding: By providing a familiar email-based authentication process, JustAuth lowers the entry barrier for new users, making it easier for them to interact with blockchain applications.

• Enhancing Security: Our solution implements advanced encryption and key splitting techniques, ensuring that users’ private keys are securely managed without compromising on usability. The private key of the user is never persisted at a single system. Thus, ensuring that

• Improving User Experience: JustAuth offers a smooth, intuitive interface for authentication, wallet creation, and transaction signing, making blockchain interactions feel more natural and less intimidating.

• Accelerating dApp Development: By offering a ready-to-use authentication solution, JustAuth allows developers to focus on their core application features rather than building complex authentication systems from scratch.

• Promoting TRON Ecosystem Growth: As an easy-to-integrate solution, JustAuth encourages more developers to build on TRON, potentially leading to an increase in the number and quality of dApps in the ecosystem.

Project Info:
justauth.pdf (78.3 KB)

Developer Documentation: https://just-auth.gitbook.io

Project Website:
https://just-auth-dashboard-production.up.railway.app

Project Test Instructions:
To test JustAuth, please follow these steps:

• Click on the Demo button in on our website.

• Click on “Login/Register”, and enter your email address. You will receive a One-Time Password (OTP) via email. Enter this OTP in the provided field.

• Once authenticated, you’ll be able to view your wallet information, including address and balance

• Send a test transaction (use the Nile testnet faucet to get test TRX)

• Sign a message and verify the signature

• Export your private key (for demonstration purposes only - never share your actual private key)

• Try logging out and logging back in to test the persistence of your account.

• For developers, we provide a React hook (useJustAuth) that can be easily integrated into any TRON dApp. Documentation for this can be found in our documentation

Project Details:

image1920×1085 31.2 KB

image1920×1081 38.2 KB

image2880×1560 341 KB

Understanding the security aspects
JustAuth sets itself apart from solutions like Web3Auth by offering a more user-centric and secure approach to authentication. While Web3Auth relies heavily on their proprietary network of authentication nodes, which are ultimately controlled by a single entity, JustAuth gives users the complete control over their keys and security works just like non-custodial wallets like TronLink works. The key generation happens on client side, and it is split into 3 parts, a part of the key is persisted on the client side storage, while the user is ask to create a password to encrypt the second and third part of the key. The second and third parts are then persisted on server side, but since the password was just a frontend state, the server can never ever decrypt the private key. Whenever the dapps requires to do any action involving private key, we reconstruct the private key using a client side part and one server side part.

When a user logs in from another device which does not have the client share, we get 2nd/3rd parts from server, and asks the user for password to decrypt on client side, regenerate the client side share and persist on that device.

Smart Contract links: Not applicable

Project Milestones:
Sept 1-10:

• Complete core authentication functionality
• Implement wallet creation and management
• Develop basic UI for login and dashboard

Sept 11-20:

• Implement transaction and message signing features
• Create the landing page and improve overall UI/UX
• Develop the useJustAuth React hook

Sept 21-30:

• Implement private key export functionality
• Enhance security measures and perform internal testing
• Create comprehensive documentation for developers

Oct 1-8:

• Conduct thorough testing and bug fixes
• Optimize performance and user experience
• Prepare final submission materials (video demo, presentation deck)
• Deploy the final version of the application

Plans going forward:

• We have a lot in pipeline to be built over JustAuth. We want to enhance the developer documentation and add support for more languages other than JS. We also aim to open source our key generation and splitting logic as well as get them audited to ensure security of our users.
• Apart from this, we also want to build more comprehensive developer suite in JustAuth by adding support for regular web3 wallets like TronLink to ensure that every dapp has the option to select to auth type for them.
• Also we plan to add tron specific functionalities in the SDK to include support for energy top-up, renting by collaborating with existing Dapps in ecosystem to onboard more developers.

Welcome to S7

-How have you tested the scalability of your solution, particularly in terms of handling a large number of users and transactions.

• What steps have you taken to gather feedback from users and ensure a positive user experience.

Welcome to hackaTron S7! Your platform create wallet for the users?
Do you plan integrating a wallet import feature to your platform to enable those who may not like the idea of a second party having access to their private keys to enjoy the benefit of what you are building?

Hello @Okorie , thanks for going through our project post.

• Regarding handling of transactions, our platform does not take care of the transactions itself, rather only focus making the user sign using the keys. The signed transactions are then submitted to tron chain like other wallet.
• We have just developed our MVP and are looking to gather user feedback now.

@JustAuth
Thanks for your warm explanation and clarity

Welcome to the Hackathon of season 7, you have a very interesting work here as I read everything you are writing, please tell me how are you going to handle you’re users who will want to import their existing wallet instead of creating a new one, thank you

Welcome to Hackathon Season 7, this is quite interesting.
Will you need to comply with KYC or AML regulations in the future, especially given the integration with email-based logins?

@Youngyuppie
Definitely. This is one of the features we are working on priority. Will give users an option to themselves import their private keys, rather than creating a new wallet.

Hello @ines_valerie
As mentioned in above comment, this is one of the top features in our priorities and we should be pushing that soon. You will be able to set your existing wallet against your email

Hello @manfred_jr very valid question.

However there won’t be any need for KYC on our end, because our platform is only enabling the wallet features in a more intuitive way, KYC or any other compliance should not be required until we are involving ourselves in any transactions on our platform

I clearly get that, thanks for the clarity.

This would be great if you implement the other web2 provider (google, apple, farcaster, etc). Then allowed developer to use the access-token. Just email isn’t reliable enough.
because we made our own auth system into library too in our multiple tron applications, but our focus is not improving the social auth and focusing on the application itself

Yes yes sir, we are onto it. Would soon be implementing google auth support as well and allowing developers to add their client secrets to get started with integration.
We can surely connect in DMs if you want to integrate our sdk.

That will be very good, I am looking forward to it

Hello JustAuth team! Thank you for building with TRON!

I’m trying to test your Auth tool, however I’m not receiving my OTP , would you please check if there is a problem with your system? I’ll gladly try again after you confirm issue is recolved

Best Regards!

this reaaly amazing one of the best social media out there

Hello @SimbadMarino thanks for testing our platform, and apologies that it didn’t work as expected. Actually the backend hosting provider was on a free service due to which it shut down our service if there was a few hours of inactivity. Now we have shifted our backend to a different hosting service.

You should not experience any issues now. You can now test out the platform, the demo of our product is available at JustAuth and developer integration docs can be found at https://just-auth.gitbook.io/

You can create an account using your email, enter the OTP, set a password for your self-custodial wallet and your wallet be created. You can then test out features like transaction signing, message signing, exporting private key etc. Also we just now pushed a test faucet as well, to get test funds in your newly created wallet.

Hello all,

A few folks reached out to us, as they were using wallet for the first time, and didn’t know how to get funds. So we have added a new Faucet functionality in our demo app to get test funds for your newly created wallet

Please check it out at JustAuth

image1920×1037 32.1 KB

@manfred_jr @Youngyuppie @Okorie @Nweke-nature1.com @Kojopapo @constantinpricope201 @Chizz @sammycoderr @ines_valerie
Please share your feedback.

Thanks for the support @ines_valerie . Will keep you posted as we ship new features

Welcome to Grand hackathon S7, all the best