We have a mobile app that uses the web3auth react-native SDK to authenticate users with a custom JWT provider. The custom JWT flow works as follows:
1. The user logs in with Google (not through web3auth).
2. The backend server returns a JWT.
3. The JWT is used to authenticate the user with web3auth.
4. Web3auth reconstructs the key and returns login details with the main private key.
We have now implemented a TKey SDK with a 2/3 share flow, and in testing the behavior, we found that the main private key obtained by the web3auth SDK was different from the one obtained by the TKey SDK for the same user. This is because we are only using the same provider share, whereas all the other shares are newly created.
Our question is, what is the correct way to migrate a user from the web3auth SDK to the tkey SDK while maintaining the same private key returned after using the web3auth SDK? We are specifically looking for a solution using a code example in React Native only.
Tkey has an initialize() function which allows you to import keys. You shouldn’t use the google login (serviceProvider.postboxKey) as tkey private key for security reasons.
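An added illustration, not part of the thread and not tKey or web3auth code: a simplified 2-of-3 Shamir model showing why keeping one share while regenerating the others produces a different key, and why importing the existing key before splitting preserves it. The function names, the fixed slopes and the sample key are constructed for this example; real implementations draw the polynomial coefficient from a CSPRNG.

```javascript
// Simplified model of a 2-of-3 Shamir split; NOT tKey's implementation.
// Field: integers modulo the secp256k1 group order (a prime).
const N = 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141n;
const mod = (a) => ((a % N) + N) % N;

function modPow(base, exp) {
  let result = 1n;
  for (base = mod(base); exp > 0n; exp >>= 1n) {
    if (exp & 1n) result = mod(result * base);
    base = mod(base * base);
  }
  return result;
}
const inv = (a) => modPow(a, N - 2n); // Fermat inverse, valid because N is prime

// f(x) = key + slope * x; any two of the three points recover f(0) = key.
function split(key, slope) {
  return [1n, 2n, 3n].map((x) => ({ x, y: mod(key + slope * x) }));
}

// Lagrange interpolation at x = 0 from exactly two shares.
function reconstruct(a, b) {
  if (a.x === b.x) throw new Error("need two distinct shares");
  const la = mod(b.x * inv(b.x - a.x));
  const lb = mod(a.x * inv(a.x - b.x));
  return mod(a.y * la + b.y * lb);
}

// Case 1: keep one existing share, regenerate the others with a new slope.
// The kept point plus a new slope defines a different line, so f(0) changes.
function rebuildAroundShare(kept, newSlope) {
  const newKey = mod(kept.y - newSlope * kept.x);
  return { key: newKey, shares: split(newKey, newSlope) };
}

// Case 2: import the existing key as f(0) and re-split; every share is new,
// but any two of them still reconstruct the same key.
function importAndResplit(existingKey, newSlope) {
  return { key: existingKey, shares: split(existingKey, newSlope) };
}

// Constructed sample values.
const ORIGINAL_KEY = 0x1234567890abcdefn;
const original = split(ORIGINAL_KEY, 0x0fedcba987654321n);
const rebuilt = rebuildAroundShare(original[0], 0x1111222233334444n);
const imported = importAndResplit(ORIGINAL_KEY, 0x1111222233334444n);
console.log(reconstruct(rebuilt.shares[1], rebuilt.shares[2]) === ORIGINAL_KEY); // false
console.log(reconstruct(imported.shares[0], imported.shares[2]) === ORIGINAL_KEY); // true
```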
You shouldn’t use the google login (serviceProvider.postboxKey) as tkey private key for security reasons
Can you explain the steps to transition a user who normally logs in using the web3auth SDK to our flow using the tkey SDK? Both SDKs use the same service provider share, but the gated private key is different for each. We need to maintain the one returned from web3auth.
We’re only using the service provider private key as the postboxKey to fetch the metadata from the storage later. I’m not sure what you mean by the “tkey private key”, but if you mean the gated private key, we’re not using it as the gated private key.
There’s also a separate, but related issue regarding using web3auth SDK along with tkey SDK.
After logging in with the web3auth sdk (no backup share prompt), then with the tkey sdk, logging in with web3auth again requires a backup share. However, I am unable to generate the backup share on mobile using web3auth. Logging into beta.openlogin.com and creating the backup mnemonic does not work, as it says invalid when input on mobile. The backup mnemonic only works for web login. Please note that the pasted mnemonic below has no whitespace.
I think you’re mixing SDKs here. In most of the scenarios, you won’t have to use both of the SDKs in conjunction. You should remove the web3auth sdk and use tkey directly.
Does your production app today use the web3auth sdk?