How to Connect a Two-Factor Authentication (2FA) API to a Smart Contract With Chainlink

This article was first published on Chainlink
-----

How to Connect a Two-Factor Authentication (2FA) API to a Smart Contract With Chainlink

Digital Bridge, the Chainlink Judges’ Pick Award from the Unitize Hackathon, used a Chainlink External Adapter to connect a 2FA API to a Chainlink oracle for decentralized verification of a 2FA PIN’s validity. Their 2FA smart contract is a great example of how Chainlink’s customizable and secure oracle infrastructure can be used to connect off-chain APIs to smart contracts, enabling new, highly configurable on-chain security workflows.

In this post, the Digital Bridge team, Javier Salomon, Alejandro Pronotti, and Mateo Hepp, explain how to integrate a Chainlink 2FA adapter into an Ethereum dApp so it can be used across a number of use cases, from securing DeFi funds to KYC verification.


By Alejandro Pronotti, Javier Salomon, and Mateo Hepp

Chainlink’s External Adapter feature makes it easy to connect smart contracts to any API, enabling a variety of use cases for smart contracts to trigger off-chain events and bring tamper-proof digital agreements to external systems.

For the Digital Bridge technical integration, we developed a Chainlink External Adapter to read an off-chain, high-availability 2FA API authentication service, and we also configured a custom Digital Bridge Chainlink oracle node that relays the secret codes needed to confirm 2FA. The oracle can implement an External Adapter using Amazon AWS Lambda, Google Cloud Platform functions, or Docker.

In order to authenticate the user holding the 2FA secret code, a user submits a transaction on-chain containing their customer ID and the hash of their temporary one-time password generated by their authenticator app. A specified Chainlink node scanning the blockchain then picks up on this transaction and queries an off-chain server (via API) to validate the 2FA code’s authenticity. Once the Chainlink node receives a response, it delivers this Boolean value on-chain, which, if authorized TRUE, then triggers the smart contract to ...

-----
To keep reading, please go to the original article at:
Chainlink

Comments (No)

Leave a Reply