Authereum
  • Introduction
  • Getting started
  • Live demos
  • Dapps using Authereum
  • Install
  • Integration
  • Web3 provider
  • Ethers Signer
  • StarkWare Provider
  • SDK
  • API Keys
  • Batched transactions
  • Verifying signatures
  • Testing
  • Browser compatibility
  • Contributing
  • Bug reports
  • FAQ
  • Dictionary
  • On the Web
  • Telegram Admins
  • Assets
Powered by GitBook
On this page
  • Where are private keys stored?
  • Can I implement signature-based authentication on my dapp using Authereum?
  • Can I use the Authereum provider in node.js?
  • Does a relayer have access to my Authereum account?
  • Should I be using the Authereum SDK or the Authereum web3 provider?
  • Can I use Authereum with ganache or local testrpc?
  • Can I use WalletConnect with Authereum?
  • Can I pay to give my dapp users free transactions through the Authereum relayer?
  • If I create an account on one testnet, will it be available on other testnets?
  • Can I use a private chain or custom local RPC for testing?
  • Does Authereum offer a white-label solution?
  • Why doesn't Authereum work on my browser?
  • In there a React Native SDK available?
  • Is the Authereum SDK open source?
  • Is there an Authereum browser extension I can use?
  • Why do I need to deposit ETH into my account after signing up?
  • Which browsers support the QRCode scanner?
  • How do I set up account recovery?
  • How can I access my contract based account if Authereum ceases to exist?
  • Where can I read more FAQs?

Was this helpful?

FAQ

PreviousBug reportsNextDictionary

Last updated 4 years ago

Was this helpful?

Where are private keys stored?

When a user signs up on Authereum, a new contract-based account is deployed. Each account contract requires keys to manage it, so when you signed up a new key pair was also generated on your browser client-side. This key is encrypted with a password derived key (PBKDF2). Keys are stored in browser local storage and the encrypted keystore is stored on Authereum so that you can login in different devices.

You can always export the management key (also called Admin key) from the in settings or add additional admin keys on the

A more detailed explanation can be read in the article.

Can I implement signature-based authentication on my dapp using Authereum?

Yes! Authereum is offered as a web3 provider so the user on the dapp can generate a signature given a challenge string provided by the dapp and then verify the signatures on the backend using . A number of dapps that have integrated Authereum are doing signature based authentication. Read the section for examples on using EIP1271 for verifying contract-based account signatures and check out the section on using the web3 provider.

For a simple example on how to implement this in Node.js, check out the .

Can I use the Authereum provider in node.js?

The Authereum provider is meant to be used on the browser because it relies on iframe communication to access sandboxed local storage. If running with node directly then it won't work but we are working on a provider that would work with node for backends.

Does a relayer have access to my Authereum account?

Only you, the owner of the account, has access to the contract-based account (CBA). The relayer, or anyone else for that matter, does not have access to your CBA. The relayer takes your signed transaction and attaches the gas fee. The CBA meta-transaction method is responsible for refunding the relayer after the user's transaction has been processed.

Should I be using the Authereum SDK or the Authereum web3 provider?

We recommend using the Authereum whereever possible. The Authereum web3 provider is essentially a wrapper aound the Authereum SDK. Most dapps are built using a web3 provider so using the Authereum web3 provider should work as a drop-in replacment for MetaMask.

Can I use Authereum with ganache or local testrpc?

Not yet, but we are working on adding support for this.

Can I use WalletConnect with Authereum?

Can I pay to give my dapp users free transactions through the Authereum relayer?

Yes! Reach out to us on Telegram or email.

If I create an account on one testnet, will it be available on other testnets?

No, this doesn't happen because each testnet is a separate chain and account creating involves deployment a smart contract to that testnet.

Can I use a private chain or custom local RPC for testing?

It's not possible at the moment but we are currently working on ways to use local RPCs. It's more challenging than anticipated because of different moving parts so we can't give a definite time when we'll have something ready but it's in the works.

Does Authereum offer a white-label solution?

Why doesn't Authereum work on my browser?

In there a React Native SDK available?

Not yet but we'll be working on one soon.

Is the Authereum SDK open source?

Not yet but it will be open source once it's more stable since we're tightening things down.

Is there an Authereum browser extension I can use?

Not yet but we are working on one.

Why do I need to deposit ETH into my account after signing up?

Which browsers support the QRCode scanner?

  • iOS:

    • Safari only. Other browsers require image upload.

  • Android:

    • All browsers.

  • Desktop:

    • All browsers, as long the computer has a webcam.

How do I set up account recovery?

How can I access my contract based account if Authereum ceases to exist?

Where can I read more FAQs?

Yes! Authereum support . Simply scan a WalletConnect-enabled QRCode to setup the connection.

A white-label solution is something we're discussing about offering in the long-term. No short-term plans on a white-label solution. We'd love to hear what features you're looking for; message us on .

In order to be non-custodial, your wallet keys are decrypted and loaded into your browsers local storage under a sandboxed domain. When using a dapp, the Authereum SDK must communicate to the sandboxed domain to send requests for the private key to sign. This communication between domains is called 3rd-party communication and access to the local storage is called 3rd-party storage access, although different browsers might use different terminology such as 3rd-party cookies or 3rd-party session data. When using a browser in private mode or with shields enabled, the browser blocks 3rd-party access to the local storage which means the Authereum SDK can no longer store the private key under the sandboxed domain so in order for it to work 3rd-party access to storage must be enabled. To learn how to enable these settings, please visit the page.

Due to the it became uneconomical to sponsor new account deployments. As of August 2020, new accounts will require users to pay the on-chain transaction fee for the contract-based account deployment.

Account recovery can be configured in the page.

There's an open source simple react app () that anyone can download and run to interact directly with their contract-based account. This doesn't require any Authereum services and communicates directly with the chain. Please make sure to export your admin key first from the settings page or add an additional admin key such as your MetaMask address since transactions made to your contract-based account need to come from an admin key account.

For more FAQs, please visit the help center to view Frequently Asked Questions:

WalletConnect
telegram
browser compatibilty
high gas market
account recovery settings
https://github.com/authereum/direct
https://support.authereum.com
export page
admin keys page.
Authereum Key Architecture Explained
EIP1271
Verifying Signatures
signature-based authentication example
web3 provider
signing message