ARC-0031 : Authentication with Algorand accounts #654
SudoWeezyci.yaml
on: pull_request
Save PR Number
3s
HTMLProofer
38s
CodeSpell
9s
ARC Walidator
5s
Annotations
11 errors and 14 warnings
|
section `Security Considerations` is out of order:
ARCs/arc-0031.md#L257
error[markdown-order-section]: section `Security Considerations` is out of order
--> ARCs/arc-0031.md
|
257 | ## Security Considerations
|
= help: `Security Considerations` should come after `Reference Implementation`
|
|
non-relative link or image:
ARCs/arc-0031.md#L65
error[markdown-rel-links]: non-relative link or image
--> ARCs/arc-0031.md
|
65 | - The message MUST change arbitrarily for each authentication request to avoid [replay attacks](https://en.wikipedia.org/wiki/Replay_attack);
|
|
|
non-relative link or image:
ARCs/arc-0031.md#L77
error[markdown-rel-links]: non-relative link or image
--> ARCs/arc-0031.md
|
77 | The Verifier responds with a message to be signed with the account's secret key *SKa*. The User queries the Wallet to sign the message. At that stage, the Wallet **MUST** check the message origin with the expected Verifier (to protect Users from [man-in-the-middle attacks](https://en.wikipedia.org/wiki/Man-in-the-middle_attack)). Once the message is signed, the User sends the result back to the Verifier. Finally, the Verifier checks the signature and, if it is all good, authenticates the User.
|
|
|
non-relative link or image:
ARCs/arc-0031.md#L146
error[markdown-rel-links]: non-relative link or image
--> ARCs/arc-0031.md
|
146 | The `auth-msg` **SHOULD** be compliant with [ARC-2](https://github.com/algorandfoundation/ARCs/blob/main/ARCs/arc-0002.md), having the parameter `\<dapp-name\>`=`arc31`, for example:
|
|
|
non-relative link or image:
ARCs/arc-0031.md#L162
error[markdown-rel-links]: non-relative link or image
--> ARCs/arc-0031.md
|
162 | The `auth-msg` **MUST** be exchanged as a base64 encoded [msgpacked](https://msgpack.org/index.html) message, prefixed with the `"AX"` domain separator, such that:
|
|
|
non-relative link or image:
ARCs/arc-0031.md#L170
error[markdown-rel-links]: non-relative link or image
--> ARCs/arc-0031.md
|
170 | > To learn more about Algorand Rekeying feature visit the [Rekey section](https://developer.algorand.org/docs/get-details/accounts/rekey/?from_query=rekey#create-publication-overlay) of the developer portal.
|
|
|
non-relative link or image:
ARCs/arc-0031.md#L172
error[markdown-rel-links]: non-relative link or image
--> ARCs/arc-0031.md
|
172 | The *authorization address* of an account can be checked directly from the Algorand blockchain. Indeed, a Verifier can inspect the [account API](https://developer.algorand.org/docs/rest-apis/algod/v2/#get-v2accountsaddress) to check the account's `auth-addr` parameter. This parameter, if not empty, indicates the *authorization address* *PKa'*.
|
|
|
non-relative link or image:
ARCs/arc-0031.md#L211
error[markdown-rel-links]: non-relative link or image
--> ARCs/arc-0031.md
|
211 | > To learn more about Algorand MultiSig feature visit the [Multisignature section](https://developer.algorand.org/docs/get-details/accounts/create/#multisignature) of the developer portal.
|
|
|
non-relative link or image:
ARCs/arc-0031.md#L263
error[markdown-rel-links]: non-relative link or image
--> ARCs/arc-0031.md
|
263 | The ARC-31 reference implementation is available in the `assets` directory of this repo `assets/arc-0031`. It provides an example of client-server authentication with ARC-31. The reference implementation uses [MyAlgoWallet](https://wallet.myalgo.com/) as the unique wallet (at the time of writing) providing the possibility of signing random bytes.
|
|
|
non-relative link or image:
ARCs/arc-0031.md#L265
error[markdown-rel-links]: non-relative link or image
--> ARCs/arc-0031.md
|
265 | Reference implementation credits: [mrcointreau](https://github.com/mrcointreau)
|
|
|
CodeSpell
cannot find ignore-words file
|
|
Save PR Number
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/upload-artifact@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
ARC Walidator
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b, algorandfoundation/arcw-action@dist. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
ARC Walidator
The `save-state` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
|
ARC Walidator
The `save-state` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
|
ARC Walidator
The `save-state` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
|
CodeSpell
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
CodeSpell
The `save-state` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
|
CodeSpell
The `save-state` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
|
CodeSpell
The `save-state` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
|
HTMLProofer
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b, ruby/setup-ruby@0a29871fe2b0200a17a4497bae54fe5df0d973aa. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
HTMLProofer
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
|
HTMLProofer
The `save-state` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
|
HTMLProofer
The `save-state` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
|
HTMLProofer
The `save-state` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
Artifacts
Produced during runtime
| Name | Size | |
|---|---|---|
|
pr_number
Expired
|
86 Bytes |
|