Dapp share
Embedded Wallets infrastructure at a glance
To enable the non-custodiality of Web3Auth, we split the private key into multiple shares that can be used to reconstruct the private key dynamically in the user's application. For the full explanation of how the shares work to construct the offchain multisig, see the Embedded Wallets infrastructure page.
Mobile platform user experience
On mobile devices, browser storage is not always reliable because users may unknowingly clear their browser data, causing their logins to fail. To address this risk, a dapp share provides a backup share that developers can safely store directly within their application to reconstruct the private key.
Dapp share in iOS
After a successful login from a user, the user details are returned as a response to the application in mobile devices.
Sample response in iOS
{
"userInfo": {
"email": "w3a-heroes@web3auth.com",
"name": "Web3Auth Heroes",
"profileImage": "https://lh3.googleusercontent.com/a/Ajjjsdsmdjmnm...",
"verifier": "torus",
"verifierId": "w3a-heroes@web3auth.com",
"typeOfLogin": "google",
"aggregateVerifier": "w3a-google-sapphire",
"dappShare": "", // 24 words of seed phrase will be sent only incase of custom verifiers
"idToken": "<jwtToken issued by Web3Auth>",
"oAuthIdToken": "<jwtToken issued by OAuth Provider>", // will be sent only incase of custom verifiers
"oAuthAccessToken": "<accessToken issued by OAuth Provider>", // will be sent only incase of custom verifiers
"isMfaEnabled": false // Returns whether the user has enabled MFA or not
}
}
Notice, the reponses has a field called dappShare which is a 24 words seed phrase that can be used to reconstruct the private key. This dappShare is a suplement to the Share A and represents half of the private key. The application can store the dapp share in their own application local storage safely.
While logging in, the user can use their social accounts to obtain one share, and the application provides the dapp share, removing the need to store the share in the browser context and enabling user to login seamlessly. This can be done by passing over the stored dapp share value in the login function.
It's important to note that the dappShare is only available for custom verifiers and not the standard Web3Auth verifiers. This is done to make sure that an application only has access to the corresponding share to the private key of their application's user. Hence, to use dapp share, one has to use the custom authentication feature of Web3Auth. Also, the dapp share is only returned to users who have enabled 2FA to their account.
Web3Auth().login(W3ALoginParams(loginProvider: provider, dappShare = "<24 words seed phrase>"))
Example
import Foundation
import Web3Auth
class ViewModel: ObservableObject {
var web3Auth: Web3Auth?
@Published var loggedIn: Bool = false
@Published var user: Web3AuthState?
@Published var isLoading = false
@Published var navigationTitle: String = ""
func setup() async {
guard web3Auth == nil else { return }
await MainActor.run(body: {
isLoading = true
navigationTitle = "Loading"
})
web3Auth = await Web3Auth(W3AInitParams(
clientId: clientId, network: network
))
await MainActor.run(body: {
if self.web3Auth?.state != nil {
user = web3Auth?.state
loggedIn = true
}
isLoading = false
navigationTitle = loggedIn ? "UserInfo" : "SignIn"
})
}
func login(provider: Web3AuthProvider) {
Task {
do {
let result = try await web3Auth.login(
W3ALoginParams(
// provider can be .GOOGLE, .FACEBOOK, .APPLE etc
loginProvider: provider,
dappShare: "<24 words seed phrase>"
))
await MainActor.run(body: {
user = result
loggedIn = true
})
} catch {
print("Error")
}
}
}
}