Secret Network Two-Factor Authentication (2FA) with Google Authenticator
Overview
Enhance security on the Secret Network by integrating Two-Factor Authentication (2FA) using Google Authenticator. This project enables users to secure their accounts and smart contract interactions with Time-based One-Time Passwords (TOTP), leveraging the privacy-preserving features unique to the Secret Network.
Key Features
- Secure Registration: Generate a unique TOTP secret key within the application.
- Easy Setup: Scan a QR code to add the TOTP key to Google Authenticator.
- On-Chain Authentication: Validate TOTP codes directly within smart contracts.
- Privacy-Preserving: Secret keys and authentication data remain confidential.
Why Secret Network?
- Encrypted Smart Contracts: Only possible on Secret Network due to its ability to handle encrypted computations.
- Enhanced Security: Protects against unauthorized access even if private keys are compromised.
- User Trust: Users can confidently secure their assets with additional authentication layers.
Usage Instructions
Prerequisites
- Keplr Wallet Extension: Install in your browser.
- Secret Network Account: Set up using Keplr.
- Google Authenticator App: Install on your mobile device.
Setup Guide
Access the Application
- Navigate to the application URL.
- Connect your Keplr wallet.
Register for 2FA
- Click "Enable 2FA".
- A unique TOTP secret key is generated.
- A QR code is displayed.
Configure Google Authenticator
- Open the app and tap "+" to add a new account.
- Select "Scan a QR code" and scan the displayed QR code.
Complete Registration
- Click "Register with Contract" to store your secret key securely.
Authenticate
- When prompted, enter the current 6-digit code from Google Authenticator.
- The smart contract validates the code on-chain.
Technical Details
Smart Contract
- Language: Rust with CosmWasm.
- Functions:
register
: Stores the TOTP secret key.authenticate
: Validates the TOTP code.
- Security: Uses
secret_toolkit
for secure storage.
Front-End Application
- Framework: React.
- Libraries:
hi-base32
: Base32 encoding.qrcode.react
: QR code generation.secretjs
: Blockchain interaction.
Impact and Applications
- Enhanced Security: Adds an extra layer of protection for users.
- Broad Use Cases: Applicable to dApps, DeFi platforms, and governance systems.
- User-Friendly: Familiar authentication method encourages adoption.
Team
- Braydn Larsen - Lead Developer
Contact
- Email: braydnl@gmail.com
- Discord: zenopie
- Telegram: @zenopie
Note to Hackathon Judges:
- Innovation: Implements 2FA directly within smart contracts using Secret Network's unique features.
- Technical Achievement: Securely integrates TOTP authentication in a privacy-preserving manner.
- Utility: Addresses the need for enhanced security in blockchain applications.
GitHub Repository: github.com/zenopie/totp-auth-contract
Live Demo: testnet.erth.network