Jons Mostovojs @jonn@social.doma.dev

Dropping #ecto in favour of using a #genserver with a simple async persistence only for the things that need to be persisted made a credential verification from a 50+ms ordeal into 1-ms ordeal. x50 speedup makes me hopeful about #doauth 0.4 demo making a user account in sub-100ms, compared to sub 1.5s which 0.3 shows.

https://github.com/doma-engineering/cluster/tree/main/lib/uptight

Making #elixir reasonable with deep functional programming.

If I had Uptight.{Text, Binary, Base} while coding #doauth v0.2 and 0.3, I would have done it so much faster.

I know this demo is kinda trashy, but it's a good introduction into how a "registration" works with #doauth and #verifiablecredentials.

https://www.youtube.com/watch?v=22zbm2qNhSw

If you have any feature requests for a next-gen federated authentication and authorisation system, hit me up or make an issue: https://github.com/doma-engineering/do-auth/issues

You can also contribute stuff like biometrics support via react-native (to eliminate the password) and more fun protocols! We also need replication via federation for high availability.

If anyone is excited about #AAA system that anyone can set up in under half an hour (as opposed to #keycloak) and that uses VC/DID by default, and doesn't use blockchain to store data, let's chat too!

Day job done for today, it means, it's time to write some code for #doauth. Tune in to my no comments stream. I reply in chat though.

https://twitch.tv/0x101

Reimplementing trust on first use for #doauth over at https://twitch.tv/0x101

#100daysofcode

With the tech I have developed with #doauth, I figured, it would make sense to build something like a FOSS about.me that is geared towards geeks, with a cup-of-coffe-per-month hosting.

What key features would you like to see in such a product?

Boosts are welcome.

```
Wed Jun 16 16:22:06:471171601 sweater@rethink ~
λ pass doma/maja.doma.dev
"slip": {
"ops": 4,
"mem": 40960,
"saltSize": 16,
"salt": "5A7ZuPZv8yrOdbU0CTZ0mQ=="
}

*redacted*
```

Feels great to have #doauth password and KDF slip stored in my password manager!

Sneak peek:

https://maja.doma.dev/demo.html

One step closer to integrating #doauth and #mastodon!

As of today we have browser-issued #verifiablecredentials.

I made so many accounts with #doauth already, omg.

https://asciinema.org/a/419081

So, @pola and I have signed up an account through a <textarea> designated for verifiable credential.

I'm finishing up with namespacing for #doauth and we're gonna integrate tomorrow, fingers crossed.

It will mean that we have a VC / DID authentication for #mastodon.

You can already deploy #doauth to your server in dev mode and start registering users. If you do, share your server's PK with me so that I can add it to my server!

https://git.sr.ht/~doma/do-auth/commit/d6703343e9c437a51a1133335d5fd421126818cb

Working hard on #doauth being privacy-preserving. API first, backend later.

Invites work! #doauth

Managed to write a count-based invite system full implementation with #doauth as a library takes 111 LoC.

Going to write tests tomorrow and start looking into integration with mastodon 🎉

Another milestone for #doauth!

Invite functionality is implemented, now it's basically #clubhouse.

Getting sleepy...

I wonder if I'll manage to implement limked lists for verifiable credentials as seen in #doauth, thus implementing everything needed for the quantity-bound invite protocol.

Another milestone in #doauth's history: JS client verified its first credential!

Ok well anyway, test your code, kids.

Here's a screenshot of sodium.js producing the same key as #doauth #Elixir server.

We are getting places with #doauth cryptography in browser.
Can't wait to polish the second prototype and start integrating it with services, looking at OIDC compliance, etc.

Finally, #doauth is sending stuff over HTTP!

A pretty big day.