Scope & build initial MVP

[walkah]

Details to follow...

[jeffgca]

We should discuss scope and design of this project, happy to jump on a call to talk more.

[jeffgca]

Discussed with @bmann and he is going to capture the in-person notes for this project. Boris - please link here!

[expede]

@bmann just to align on the absolute minimum use scope (AKA an "MVP" 😛) Something like:

Outcome Behaviour

A user can attach a WNFS to their existing MetaMask-managed DID

Why

This sidesteps the need for account linking, WebCrypto keys, and so on. While our existing WebCrypto based key management is much "cleaner" (doesn't require a browser extension, and actually runs on mobile), MetaMask has ~21 million MAU. They're doing their own key management already, and one nice thing about our high-level architecture is that as long as you have access to keys somewhere it continues to work.

Tasks

Since there's no auth lobby in this flow, it's related to AOL. It may be blocked by parts of what @bgins is working on.

• Add support for an Ethereum PK elliptic curve (secp256k1) to ts-ucan & hs-ucan
• Integrate MetaMask library
• Send UCAN signing requests to MM
• Sign up user for Fission storage account
• Create & pin local WNFS
• Use MM encryption library to store read key
  • Flow:
    • Private partition uses a AES key
    • Encrypt that with the MM public key
    • Store at a well-known path in the multiuser sharing directory (same as shared private files)
    • Able to find & decrypt this key on another MM-signed in device

Out of Scope

AFAICT, WalletConnect doesn't support encryption methods, so it actually won't work without linking or like... writing down the read key 🤷‍♀️ I suggest removing WC from scope for now.

[jeffgca]

Great! This scope looks reasonable, but we should discuss and have notes here on what dependencies this project has related to AOL - cc @bgins

[bgins]

It looks to me like we will need account creation, WNFS creation in the app, and app-local IPFS:

• Move account creation to webnative
• Move WNFS creation to webnative
• App owned: Add local IPFS implementation Not required, should be alright to use shared IPFS from the auth lobby.

[jeffgca]

TODO: discuss with team on minimum viable scope, eg what can we demo to partners or at events cc @bmann

[icidasset]

Additional info on the Add support for an Ethereum PK elliptic curve (secp256k1) to ts-ucan & hs-ucan task above.

• Add an extra column (or info) to the database on the public key algorithm (instead of checking for the MII prefix to see if it's RSA)
• Alternatively, instead of the above, store the DID instead of the parsed public key.
• Either add support for did:pkh or did:key:SECP_KEY. The PKH key might not be possible, or require a lot of changes, since you'll always need an accompanied UCAN (or other signed item) to get the signature from (because we need the signature to get the public key from the ethereum address in the PKH DID).