BRC-103 Authentication and Identity

[KarlTheProgrammer]

I think we should separate authentication and identification. Authentication should just be providing a public key, proving you own it with a signature of challenge data provided by the other party, and then performing actions based on that key. Identify can be linked to authentication keys via certificates if necessary, but I think that will often be optional. For instance if I initiate communication with a friend then we can do identity verification out of band without any certificates.

Replay issues should be resolved naturally. For a payment the recipient should provide unique locking scripts to receive the tokens so the receiving keys don’t need to be derived from the nonce. Re-using locking scripts is not a good idea for many reasons. For authentication the other party should create a unique challenge to sign based on the current time so that the other party has to prove they can generate a new signature. I believe this removes the need for tracking previous nonces to ensure they aren’t reused.

For simple HTTP calls after initial authentication a hash from the auth process can simply be used in the http request “Authorization” header. For more complex communication, data can be signed with the same key used during authentication to link the messages to one “identity”. Timestamps can be included in the data to ensure it is fresh, but other than that specific methods to the actions being performed might be necessary to prevent replaying messages.