Overview

API for Auth server with HTTP endpoints and Socket.IO WebSocket protocol.

This server facilitates communication between the Decentraland clients and the auth dapp on the browser. It allows the desktop client to execute wallet methods (eth_sendTransaction, personal_sign, etc.) using the wallet the user has on their browser.

Request Lifecycle

1. A request is created with a method and parameters

2. The server returns a request ID, expiration time, and verification code

3. The auth dapp recovers the request using the request ID

4. The request is executed on the auth dapp with the user's wallet

5. The outcome (result or error) is submitted back to the server

6. The original client receives the outcome via WebSocket or polling

Request Characteristics

• Only one request can exist at a time per connected socket. A new request will invalidate a previous one if it existed.

• Requests have an expiration (default: 5 minutes), and cannot be consumed after it.

• If the socket disconnects, any request made by that socket will be deleted.

Authentication

• For methods other than dcl_personal_sign, an authChain is required and will be validated.

• For dcl_personal_sign, no authChain is required initially.

• Signature validation is performed using @dcl/crypto Authenticator.