• Vision
• Architecture Diagram
• Sequence Diagram
• Decisions

This project holds the standard FIDO2 api endpoints and the Proof of Knowledge for Algorand specific private keys. The api is a stateful session-based architecture with endpoint guards. A user must prove ownership of a private key to associate PublicKeyCredentials

• Node.js 18+
• Docker

git clone [email protected]:algorandfoundation/liquid-auth.git && cd liquid-auth

note on VPNs: Ngrok will not work with VPNs, so to run locally the project, disable it or configure your VPN's split tunneling to allow ngrok traffic.

Sign up for a free account at ngrok and follow the instructions to get your <NGROK_AUTH_TOKEN> and <NGROK_STATIC_DOMAIN>.

Don't run the ngrok commands directly as expressed in the ngrok guide as it will create run-time port conflicts.

ngrok will ask you to add your auth token to your configuration file.

ngrok config add-authtoken <NGROK_AUTH_TOKEN>

Will then ask you to deploy your static domain, make sure to change the port to 5173 like this:

ngrok http --domain=<NGROK_STATIC_DOMAIN> 5173

Add a ngrok.yml configuration to the root directory.

version: 2
authtoken: <NGROK_AUTH_TOKEN>
tunnels:
  website:
    addr: liquid-auth:5173
    proto: http
    domain: <NGROK_STATIC_DOMAIN>

Make sure to update the authtoken and domain in the ngrok.yml file with your ngrok details.

Update the .env.docker file with the following keys with the values from ngrok:

HOSTNAME=<NGROK_STATIC_DOMAIN>
ORIGIN=https://<NGROK_STATIC_DOMAIN>

Run the following command to start the backend:

docker-compose up -d

Navigate to the ngrok URL in your browser to test the FIDO2 feature.

Open the Connect Modal on the website and scan the QR code using the "Connect" button on the Android device. Follow the instructions on the Android device to register a credential.

Once the credential is registered, you can send messages over the peer connection.