Skip to content
This repository has been archived by the owner on Aug 21, 2024. It is now read-only.

Update notes.mdx #724

Merged
merged 3 commits into from
Feb 15, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 24 additions & 0 deletions docs/notes.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,30 @@ description: Notes and recordings from the Soroban protocol & developers meeting
2. Stellar + Soroban documentation survey
1. [Take the survey](https://discord.com/channels/897514728459468821/1204462856037470248/1205196745877757962)

## 2024-02-01

<audio controls>
<source
src="https://pub-b2eaaee2bbe74d70820bacb7298958f5.r2.dev/Stellar-Protocol-Meeting-02-01-2024.mp3"
type="audio/mpeg"
></source>
Your browser does not support the audio element.
</audio>

[Discord agenda thread](https://discord.com/channels/897514728459468821/1201979721211203614)

1. The proposal is to advance stellar-core by adding a host function to verify the secp256r1 signature, which is the most common elliptic curve used outside of the blockchain space. It is useful in connecting off-chain authentication interfaces with on-chain functionality.
1. Note that the proposal is not for a new signer type but a host function.
1. Leigh investigated adding support for the WebAuthN use case, by allowing a custom account / smart contract to sign soroban auth entries using a secp256r1-signed payload.
1. secp256r1 is supported by phones, passkeys, and enables an app to replace passwords. This is a massive benefit to user-facing applications like wallets.
1. Pros and cons of the interface: blockchains generally implement the recovery interface over the verification interface but verification is easier for developers as it reduces burden on the client and the network.
1. The WebAuthN use case requires encoding and decoding of base64 payloads and decoding JSON blobs, which is not currently supported in Soroban.
1. While there are hacky ways of accomplishing the latter, it’s not a great developer experience and final implementation is susceptible to breakages on updates.
1. It is also costly to bundle decoding with verification in guest.
1. Soroban has always led with a batteries included mindset. Keeping in line with that approach, it makes sense to further investigate and determine whether a host function makes sense for these as well.
1. Leigh’s implementation may require further evaluation of the crates used for ecdsa and p256.
1. Brief discussion around proposed process for adding of a host function by a non-core dev.

## 2024-01-26

<audio controls>
Expand Down
Loading