
WebAuthn Validation with ERC-5453 Endorsements and Domain Support

Proposal for Ethereum ESP Account Abstraction Grants

Project Abstract

Our project aims to enhance the security and usability of the Ethereum ecosystem by (1) building a WebAuthn transaction validation system using the ERC-5453 Endorsement protocol, and (2) utilizing domain name protocols like Ethereum Name Service (ENS) for authentication and authorization of user operations at organizational levels such as sub-teams and sub-domains.

Objectives

With this grant, we hope to accomplish the following:

  1. Develop a secure and user-friendly WebAuthn transaction validation system using the ERC-5453 Endorsement protocol.
  2. Implement a domain-name-based authentication and authorization system (e.g., ENS) that extends beyond individual users to organizational levels.
  3. Encourage wider adoption of Ethereum technology by organizations and enterprises.

Success for this project will be measured by the successful implementation, testing, and deployment of the proposed solutions, as well as their adoption by Ethereum-based organizations and projects.

Outcomes

This project will benefit the greater Ethereum ecosystem by:

  1. Enhancing transaction security through the integration of WebAuthn technology.
  2. Streamlining user authentication and authorization processes for organizations and enterprises.
  3. Facilitating the adoption of Ethereum technology by larger entities.

Grant Scope

Our research will focus on:

  1. Exploring the ERC-5453 Endorsement protocol for WebAuthn transaction validation.
  2. Investigating the potential use of domain name protocols like ENS for authentication and authorization at organizational levels.

Expected outputs include:

  1. A fully functional WebAuthn transaction validation system using the ERC-5453 Endorsement protocol.
  2. A domain name protocol-based authentication and authorization system for organizational levels.

Project Team

The D3Serve project team consists of 2 members:

  1. Victor (Lead Researcher and Smart Contract Designer) - 80 hours/month
  2. James (Full Stack Engineer) - 40 hours/month

Project Background

  1. WebAuthn: WebAuthn is a web standard for secure authentication, enabling passwordless and multi-factor authentication with strong public key cryptography. It is part of the FIDO2 Project, an initiative to create strong, phishing-resistant authentication on the web. The WebAuthn specifications provide detailed information on its implementation and use.

  2. ERC-5453: ERC-5453 is an Ethereum Improvement Proposal that introduces the Endorsement protocol. This protocol allows an endorsing entity to endorse the execution of a specific smart contract function. In particular, it allows ECDSA signatures from multiple parties or signing agents to be verified together during EVM execution. You can find the ERC-5453 specifications and an implementation example on GitHub. Victor (@xinbenlv) is the lead author of ERC-5453 and its first implementations.

  3. ENS and other domain name protocols: Ethereum Name Service (ENS) is a decentralized domain name system built on the Ethereum blockchain. The ENS documentation provides more information on its specifications. ENS and other smart contract-based domain name services provide an opportunity to verify the relationship between an identity (user) and an organization. For example, Alice could present her ownership of alice.exampleorg.eth as an attestation that she belongs to exampleorg.eth.

Methodology

We plan to achieve our research objectives through the following steps:

  1. Conduct a thorough literature review on the ERC-5453 Endorsement protocol and domain name protocols like ENS.
  2. Design a WebAuthn transaction validation system using the ERC-5453 Endorsement protocol.
  3. Develop a domain name protocol-based authentication and authorization system for organizational levels in addition to the ERC-5453 verification.
  4. Test and validate the proposed solutions in real-world scenarios.
  5. Document and publish our findings and source code for community review.

Timeline

  1. Month 1-2: Literature review and system design
  2. Month 3-4: Development of WebAuthn transaction validation system and domain name protocol-based authentication
  3. Month 5-6: Testing and validation
  4. Month 7: Documentation and publication

Budget

Requested grant amount: $33,000

Budget breakdown:

  • Researcher and Smart Contract Designer Costs: $12,000
  • Smart Contract Audit: $7,000
  • Full Stack Development Costs: $6,000
  • Developer Engagement: $5,000
  • User Research: $3,000

The grant will be used to cover the costs of team member salaries, smart contract auditing, and full stack development.