Error: WalletLoginError User has already enabled mfa (When connecting user)

Please provide the following details too when asking for help in this category:

• SDK Version: NodeJS SDK
• Verifier Details:
  • Verifier Name: gfal-id-dev

Hello,

We are dealing with an error where some users try to connect with a custom Token from Firebase. They get the following error:

WalletLoginError: Custom. User has already enabled mfa, please use the @web3auth/web3auth-web sdk for login with mfa
    at Function.fromCode (webpack://@web3auth/base/./src/errors/index.ts:148:12)
    at Web3Auth.<anonymous> (C:\Users\Cristian\Desktop\portal-server\server\node_modules\@web3auth\node-sdk\src\Web3Auth.ts:63:30)
    at Generator.next (<anonymous>)
    at fulfilled (C:\Users\Cristian\Desktop\portal-server\server\node_modules\@web3auth\node-sdk\dist\Web3Auth.js:5:58)
    at processTicksAndRejections (node:internal/process/task_queues:95:5) {
  code: 5000
}

We are not giving any option to the user to activate mfa. So we do not know why Web3Auth is throwing this error. Could you help? Please

Cristian - Games for a living (GFAL)

I have the same issue, help would be appreciated

@cricharte @dvogel Thanks for reaching out.

Your issue has been forwarded to a team and we will get back with further updates once more information becomes available.

Hello,

We are dealing with this error in other verifier too gfal-id-prod-388309. The users having the error in the previous verifier and in this one are totally different.

Is there any update? @vjgee

Thanks

Hey @vjgee any ETA regarding this issue?

Please correct me if I’m wrong but this looks like an issue on your end given that our users could never be able to activate MFA given that we are using no-modal node-sdk. Some of our users are experiencing this issue and we’d like to give them an answer regarding how long will it take for them to have access to their funds.

I’d be grateful if you could give us an update.
Thank you very much beforehand.
Christian

I am following up with our Developer team on this for an ETA. I will keep you updated on the timeline.

@christian @dvogel Our team mentioned that you are using incorrect SDK and Product.

If the user has not enabled MFA, we use the @web3auth/single-factor-auth sdk to retrieve the private key shares from the Web3Auth auth network nodes and reconstruct the private key.

You can refer to this doc to get a better idea: Using Web3Auth without MFA with future compatibility | Web3Auth

Thank you very much for the heads up, I have shared this information with the development team. Will get back to you soon with progress.
Thanks again.

We are using the Node SDK as you recommend in your documentation, since Web3Auth is running in our Node backend. Could you explain why we are using the SDK wrongly?

Also, how can we deactivate the MFA that was activated automatically for some of our users as we mentioned before. @vjgee

Thanks in advance.

@cricharte Thanks for your patience.

NodeJS sdk is not meant to enable MFA.

For an optimal flow, you need to use a combination of Web3Auth Single Factor Auth Web SDK and Web3Auth No Modal SDK for a one-key flow without redirection.

@vjgee

At the moment we are only using NodeJS sdk and it enables the MFA to some of our users. Is there any flow we can do to avoid the MFA check using the NodeJS sdk or deactivate it?

Thanks in advance,

Hey @cricharte

The NodeJS SDK is the part of our Single Factor Auth SDKs which is further a part of our Core Kit Product. It is meant for usage with a Single Factor, ie. only the social login share to reconstruct the key.

If you’re using this SDK alongside our plug and play SDKs, there will be issues when the user enables MFA. This is because the other factor is not present in the backend node environment, it only has the capability of constructing keys with one share. Our frontend SDKs only have the capability to use MFA factors and reconstruct keys.

Now talking about deactivating MFA for existing users:

• Unfortunately that is not supported in our SDKs, since being non custodial, we do not store additional shares.
• To make sure your users don’t use MFA in the frontend as well, make sure to use the Single Factor Auth Web SDK rather.
• You can change the verifier for login as well. This way all the user accounts will be reset and none will have any MFA set.

If you’re already in production with the SDK, unfortunately, there is no way to turn off MFA. You need to construct their keys in the frontend only. Further, please use our MFA Settings Multi Factor Authentication with PnP Web Modal SDK | Documentation | Web3Auth
to make sure you turn off MFA for your users.

Hey @yashovardhan @vjgee

We are using only the “core kit” NodeJS SDK on the backend and as you mentioned it does not allow users to enable MFA. We do not understand how it is possible that only 2 users suddenly had MFA activated for them, while other users can continue to log in normally.

I insist, at no point in time do users interact with web3auth directly. They do not see any modals or popups. They merely log in with our authentication system and our backend handles the rest. We are not using any of your plug and play sdks.

I do want to add that we are using a client ID and verifier ID in the backend as well, in case this is relevant.

We have also tried in development to use a new verifier (Using the same Client ID where we are having the mfa problem) but it now returns different wallets for the users.

For further reference, here are the web3Auth related packages we have installed:
“@web3auth/ethereum-provider”: “^6.1.3”,
“@web3auth/node-sdk”: “^2.0.1”,

Regarding the options for deactivating MFA:

• we are not using any web SDKs; web3auth is handled in the backend via the NodeJS SDK.
• We cannot reset user accounts as they already have wallets and balances, including the users that cannot currently access their accounts because of this MFA issue.

Thanks in advance,

@cricharte are you still facing this issue? If yes, can you try updating to the latest NodeJS SDK and check again for the above users