OAuth Engine
DAuth adapts mainstream OAuth service providers such as Google, GitHub, and Twitter so that users can authenticate with their social accounts without disclosing any information about those accounts. All of the authentication information is managed by the TEE, and a ZK proof is then generated and passed to the DApp, proving that the user has authenticated.
The DAuth protocol splits HTTPS into two parts, HTTP and SSL, and executes them independently in the DAuth nodes. The Trusted Execution Environment (TEE) establishes the TLS encryption channels with the social app, while the server handles the HTTP functionality. The two parts work together to issue HTTPS calls and complete the OAuth flow. The OAuth request sent from the DAuth node is compatible with any OAuth server, such as Google and Discord, allowing users to log in to DApps with their social accounts while remaining private and anonymous.
This split and reconstruction allows the TEE to make requests to external apps such as Google and Twitter through the nodes, while ensuring that the nodes cannot see the information transmitted between the TEE and the target social account. This is what protects users' anonymity.
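The split described above can be sketched with Go's `crypto/tls` over in-memory pipes. This is an added example, not DAuth's code: `relay`, `Run`, the host `oauth.example` and the token strings are constructed, the "enclave" is an ordinary goroutine rather than a real TEE, and the ZK proof step is left out.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"math/big"
	"net"
	"time"
)

// relay is the untrusted node: it forwards bytes and reports everything it saw.
func relay(dst, src net.Conn, seen chan<- []byte) {
	var buf bytes.Buffer
	io.Copy(io.MultiWriter(dst, &buf), src)
	dst.Close()
	seen <- buf.Bytes()
}
func Run() (reply string, nodeSaw []byte) { // enclave's plaintext, node's view
	pub, key, _ := ed25519.GenerateKey(rand.Reader) // constructed provider identity
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"oauth.example"}, NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key)
	leaf, _ := x509.ParseCertificate(der)
	roots := x509.NewCertPool()
	roots.AddCert(leaf)
	enclaveEnd, nodeA := net.Pipe()
	nodeB, providerEnd := net.Pipe()
	seen := make(chan []byte, 2)
	go relay(nodeB, nodeA, seen) // enclave -> provider
	go relay(nodeA, nodeB, seen) // provider -> enclave
	go func() { // stand-in OAuth provider terminating TLS
		srv := tls.Server(providerEnd, &tls.Config{Certificates: []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key}}})
		srv.Read(make([]byte, 1024))
		io.WriteString(srv, "HTTP/1.1 200 OK\r\n\r\n{\"access_token\":\"tok-constructed\"}")
		srv.Close()
	}()
	c := tls.Client(enclaveEnd, &tls.Config{RootCAs: roots, ServerName: "oauth.example"}) // TLS state lives only here
	defer c.Close()
	io.WriteString(c, "POST /token HTTP/1.1\r\nHost: oauth.example\r\n\r\ncode=constructed-auth-code")
	body, _ := io.ReadAll(c)
	return string(body), append(<-seen, <-seen...)
}
func main() {
	reply, saw := Run()
	fmt.Printf("enclave read %q\nnode relayed %d bytes of TLS records\n", reply, len(saw))
}
```

The relay never handles the authorization code or the token, but it still sees the provider hostname in the ClientHello (SNI) and the size and timing of the traffic.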
The traditional process (currently used in Web3) requires the user to trust that the verifier will honestly perform subsequent actions based on the verification results. In that process, the verifier obtains social account information related to the user, and the anonymity of the Web3 account is destroyed.