Is there a way to detect if a given user has already created a key with the given default verifier for given ClientId? As far as I was able to find, there’s a VerifierLookupRequest node RPC call to detect whether given user (email) has a key stored for the given verifier (e.g. tkey-google) which almost does what we’d want, but it doesn’t take into account the clientId which therefore can lead to false positives as the user may have created the key on other app using the default verifier.
To clarify, the usecase for this feature could e.g. be the migration of users from the default to a custom verifier - i.e. after login (let’s say to Google) we could detect in the background whether the user has already made an account with our Web3Auth project in the past through the default verifier and if so, offer them the option to migrate their key to the new verifier (through a separate flow), allowing for a seamless transition for them.
We are currently using the @web3auth/no-modal library with @web3auth/openlogin-adapter using the default verifiers. From the SDK we obtain the private key which we use as a seed for our multicoin wallet. Now we would like to migrate to @web3auth/single-factor-auth to streamline the login UX, skipping the redirect through https://auth.web3auth.io which is inherently needed for the default verifiers (if I understood correctly)
To clarify, we are planning to use @web3auth/single-factor-auth for the new login alone. But to pull off the migration itself (copying the clientId-scoped tkey from the default verifier to the new custom verifier) we are planning to use the lower-level tkey SDK and this migration flow would live in a standalone web app (user logs in with default verifier, we load the tkey and initialize from it the key in the new custom verifier) which we’d redirect the affected users to
@rafael.korbas This migration is only possible if you’ve used custom authentication with your own login verifiers with Plug and Play SDKs. If you’re using the default verifiers , the keys will change in the new integration.
It’s possible to migrate from PnP to SFA, but it only works for those users who have not enabled MFA and you’ve used Custom Authentication with PnP. You cannot import the keys from default verifier to a new custom verifier.
Our idea is to store the private key from the default verifier (which we obtain by the user logging via the OpenLoginAdapter) into the new Custom verifier. From the code/docs I got the impression that the tkey SDK allows you to import a private key of your choice when initializing it (see the importKey parameter): https://github.com/tkey/tkey/blob/8512f3493e1eb00bdf752bdc706e765f12a81c68/packages/core/src/core.ts#L210
Though I didn’t find an actual code snippet showcasing such import and as far as I tried I didn’t manage to persist the key in the torus network (i.e. upon new login I still got a different key). So I hope I’m just doing something wrong. If importing a private key of your choice when initializing it is indeed possible, can you provide some code snippet showcasing how to do it?
so far I’m trying the following:
const tKey = new ThresholdKey({
modules: {
webStorage: webStorageModule,
securityQuestions: securityQuestionsModule,
},
customAuthArgs: {
web3AuthClientId: "<ClientId>",
baseUrl: `${window.location.origin}/serviceworker`,
network: TORUS_SAPPHIRE_NETWORK.SAPPHIRE_MAINNET,
enableOneKey: true,
},
});
...
await tKey.initialize({
importKey: new BN(<my private key in hex>, 16),
neverInitializeNewKey: false,
delete1OutOf1: true,
}); // subsequent login with `initialize()` returns different key :/