Skip to content

Aligning on the webauthn-wallet secp256r1 auth-entry wire-shape #32

Description

@justmert

Hi Tyler. I built SoroPass, a minimal passkey SDK and drop-in create / sign / recover UI for Stellar smart accounts. The secp256r1 work (low-S normalization, the WebAuthn ceremony and payload, the Secp256r1Signature struct) is ported and hardened from passkey-kit, so thank you for the reference. I have one question about staying compatible with smart-wallet auth entries.

What I built. A small SDK (@soropass/core) that turns a Soroban auth preimage into a WebAuthn challenge, runs the assertion, low-S normalizes the secp256r1 signature, and assembles a SorobanAuthorizationEntry. It is implemented as its own minimal slice and stays ABI-compatible with the audited contract layer rather than reinventing it. It is proven on testnet against my own single-signer account (__check_auth / secp256r1_verify).

Proven on testnet. A passkey-signed auth entry passes a real __check_auth, and a wrong key is rejected on-chain:

Try it. You can see and test a live demo on the site below. The create, sign, and recover flows run with the SoroPass pre-built components on testnet, so you can run them yourself.

Live Demo: https://soropass.dev/
Docs: https://docs.soropass.dev/docs
Repo: https://github.com/justmert/soropass

Image

Question. My SDK assembles the bare Secp256r1Signature struct, which my own single-signer account consumes directly. To authorize a smart-wallet, from types.rs I read that I should wrap it as Signatures(Map<SignerKey::Secp256r1(credential_id), Signature::Secp256r1(...)>). Is the Secp256r1 SignerKey the raw WebAuthn credential-id bytes, and is building that map the path you would recommend for an external SDK, or is there a helper you would point me to?

Happy to share more or test against your wallet. Thanks again for passkey-kit, a lot of this is built on it.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions