Digital Bridge Using Chainlink to Launch a 2FA Oracle for Smart Contracts
Digital Bridge is excited to announce that we’ve built a two-factor authentication (2FA) oracle for smart contracts using Chainlink’s market-leading oracle technology. Initially set to launch on the Matic Network, projects will be able to use the Digital Bridge Chainlink oracle to integrate 2FA security into the smart contract layer of their applications, further extending the security guarantees they obtain through Chainlink.
We built Digital Bridge on top of the Chainlink Network because it’s the most secure, reliable, and flexible oracle solution in the market. It’s external adapter framework provided the modularity we required to connect with off-chain 2FA APIs and eventually service a multitude of blockchains beyond Matic. Additionally, it’s a provably secure and time-tested oracle network that is widely adopted throughout the DeFi industry and beyond, currently securing over $4B in user funds for numerous small and large DeFi projects.
Digital Bridge initially developed the 2FA smart contract solution for the Unitize 2020 Hackathon, where it won Chainlink’s Judges Pick Award. Since the hackathon, we’ve expanded on this concept and aim to productize it for use by dApps, node operators, and anyone else wanting to optimize their security.
Integrating 2FA Using Chainlink External Adapters
For the technical integration, we developed a Chainlink external adapter to read an off-chain, high-availability 2FA API authentication service, as well as built a custom Digital Bridge Chainlink oracle node that relays the secret codes needed to confirm 2FA. We can implement an external adapter using Amazon AWS Lambda, Google Cloud Platform functions, or Docker.
In order to authenticate the user holding the 2FA private key, a user submits a transaction on-chain containing their ID and the temporary one-time password generated by their authenticator app. A Chainlink node scanning the blockchain then picks up on this transaction and queries an off-chain server (API) to validate the 2FA code’s authenticity. Once the Chainlink node receives a response, it delivers this boolean value on-chain which, if authorized TRUE, then triggers the smart contract to grant authorization to the original user.
This implementation avoids man-in-the-middle attacks by using a SHA256 hash of the PIN and creating an external adapter to compare them.
Smart Contract Security Strategies Using 2FA
By enabling smart contracts to get access to 2FA confirmations, users can create a defense-in-depth strategy to further protect user funds within a decentralized application, or a Chainlink node can further enhance the security of its on-chain responses or updates.
Many users want a second layer of security for their smart contracts. The following cases are examples where added 2FA can increase security:
- Confirm high-value trades or transactions
- Confirm changes to sensitive contract settings
- Temporarily delegate a set of tasks to an employee
- Reconfirmations of security authorization within Apps that employ time-based lockouts
These are just a few of the many ways smart contract developers will benefit from 2FA, and we are excited to continue building out our Digital Bridge solution to make it available across more blockchains via Chainlink.
“Chainlink is becoming the standard in secure blockchain middleware connecting blockchains to the real world, with its underlying architecture and codebase supported by sound academic research,” said Digital Bridge co-founder Javier Salomon. “We look forward to building on the Chainlink Network to bring an additional layer of 2FA security to the Chainlink ecosystem in order to further protect user funds at all costs.”
Link to Chainlink Blog Post “How to Connect a Two-Factor Authentication (2FA) API to a Smart Contract With Chainlink”
About Chainlink
Chainlink is the most widely used and secure way to power universal smart contracts. With Chainlink, developers can connect any blockchain with high quality data sources from other blockchains as well as real world data. Managed by a global, decentralized community of hundreds of thousands of people, Chainlink is introducing a fairer model for contracts. Its network currently secures billions of dollars in value for smart contracts across the decentralized finance (DeFi), insurance and gaming ecosystems, among others.
Chainlink is trusted by hundreds of organizations to deliver definitive truth via secure, reliable data feeds. To learn more, visit chain.link and follow @chainlink on Twitter.
Website | Twitter | Discord | Reddit | YouTube | Telegram | Events | GitHub | Price Feeds | DeFi
About Digital Bridge
We are building trust digital bridges for business.
We are Chainlink oracles providers. Digital Bridge is interconnecting Blockchain Networks with external Computer Systems. Providing high quality information for the correct execution of smart contracts as well as communicating the results to external systems.
To find out more about us and integrate with our decentralised oracle send an email to hello@digitalbridge.link or follow us on Twitter and social media for future updates:
Twitter | LinkedIn | Web | Telegram | GitHub
About Google Authenticator
Google 2 Steps | TOTP protocol
To Install Google Authenticator app on different platforms:
