In this guide you mention two approaches to switch from SFA to MFA. The guide only covers the second approach. Where do I find more information about the first one? i.e. using the Core Kit and the application handles both accounts states (SFA and MFA) during login.
@david.hernando Thanks for your recent post
Your request has been forwarded to our team and we will get back to you with further updates.
If you wish to go from SFA to MFA, you can switch to our PnP SDKs with useCoreKitKey flag as true. Please note that the verifier, client ID, authentication method should be the same and the above mentioned flag needs to be true in order to receive the same keys.
For example, if you perform authentication via Auth0 using Google login in your SFA app. If you wish to switch to PnP no modal sdk with MFA enabled. In order for your users to receive the same keys you will have to use the same verifiers, clientID as the SFA app and Google login using auth0(same clientid) in order to get the same keys.
Thanks for your answer @maharshi . I have successfully tested the migration from SFA to MFA using @web3auth/no-modal.
Now, what I’m trying to do is to migrate from SFA to MFA using Core Kit to be able to implement our own UI for MFA instead of using the default UI in https://auth.web3auth.io popup.
According to the guide linked to the original post, there are two ways to switch from SFA to MFA, and one is Core Kit. But I’d need some guidance to achieve it.
Currently, there are two ways to achieve this:
- First is using the Core Kit approach where the application itself handles both states of the user’s accounts.
- The second** approach is a hybrid approach where the application handles the user’s account state without MFA, and the account state with MFA is handled by web3auth SDK by redirecting to openlogin.
@maharshi @vjgee I managed to import the account obtained with SFA SDK into Core Kit tKey SDK. But how do I mark a verifier id as upgraded so that it cannot be used with SFA SDK anymore?
Hey @david.hernando
Can you please confirm if you’re you referring to using the import flow in tKey?
Hi @maharshi , the final goal is to move an account from SFA to tKey. I’m not sure if the import flow is the right approach or there is another way.
With the import flow I’ve been able to import the private key from the SFA SDK to the ThresholdKey SDK. However, that process does not invalidate the usage of SFA SDK for the same verifierId.
On the other hand, in this guide, when MFA is enabled with NoModal SDK, the usage of SFA SDK is invalidated and the connect() methods throws an error.
In the end, what we want to achieve is the same possibility to switch from SFA to MFA shown in the guide but using CoreKit all the time to design our own UI/UX to enable and manage the additional shares.
Hey @david.hernando
Have you used SfaServiceProvider flow?
The SFA configs will be used with tKey allowing you to bring SFA users to tKey( adding multiple factors, enabling MFA).
Hey @shahbaz , thanks for your answer.
Yes, I’ve tried with SfaServiceProvider . But I get a different private key than with @web3auth/single-factor-auth. I need to preserve the same key from SFA on tKey.
And also disable SFA for that verifierId. Exactly as you do on the guide referred previously when using @web3auth/no-modal. But with Core Kit.
Thanks for your help.
Hey @david.hernando
Thanks for reporting it. Let me report it to the team.
This is supposed to work seamlessly. Let me get back to you when I have some updates on this.
@shahbaz did you get feedback from your team?
Any hint on how can I delete nonce in Torus nodes to disable SFA ?
Hey @david.hernando
Apparently, it is taking longer than expected. Our team will follow up on this as soon as it is released from our end.