Comments (2)
@apetersson here's my interpretation: BitID is specifically bound to bitcoin addresses, whereas bitauth generates its own public+private key combos via their own protocol (the SIN). I'm not 100% sure of the advantage of this since bitcoin addresses can also be generated on the fly. So I'm not sure what the new encoding accomplishes (but I'm sure there is a good reason for it). Another major difference is in the steps involved to pass, and finally verify ownership of the public address. Bitauth is super straight forward this way - you just send a signed nonce including your public key which can be verified on the server. This makes it awesome and clean for authenticating api requests. With Bitid, you sign a challenge and nonce. The challenge is also a callback url, which is the target you send your signed package to, out of band. This makes it especially suitable for out of band human oriented auth like using your phone camera to verify your identity by scanning a QR code, but much more cumbersome as a tool for authenticating api requests.
from bitauth.
There should be compatibility between BitID and BitAuth, especially since it's using the same crypto. I think the only difference is that BitID uses a bitcoin address as the identifier and BitAuth uses a different version byte when encoding an "address" and thus isn't necessarily used to receive bitcoin.
from bitauth.
Related Issues (20)
- Implementation Specification Paper HOT 1
- Browser build on Post-Install
- Node 0.12.0 has 'bad decrypt' error HOT 2
- Add encryption HOT 1
- signed responses? HOT 1
- Recover Public Key From Signed Message HOT 1
- Support for Web Cryptography API HOT 3
- make-dist.sh doesn't check command path or success of bundle creation and minification
- 𝒰nicode 𝔖upport? HOT 2
- Provide Browserified & Minified Code In Releases HOT 3
- Make A Tagged Release For 0.3.1 HOT 2
- BIP43 "purpose" number for bitauth key generation from a BIP32 seed HOT 2
- Broken Browserify HOT 1
- Version 0.3.1 Breaks Google Closure Compiler Support HOT 1
- Installation error HOT 1
- How is this different from a signed JWT?
- I failed to build android
- Please release a new version HOT 4
- Invalid character in header content ["x-signature"] HOT 2
- [email protected]
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bitauth.