- Created SelfFreezoneClient in Self components
- Wraps SDK FreezoneScriptClient for Self-specific operations
- Implements send_verification_email method
- Uses Rhai script template for email verification
- Includes template variable substitution
- Added serde-wasm-bindgen dependency
Usage:
    let client = SelfFreezoneClient::builder()
        .supervisor_url("http://localhost:8080")
        .secret("my-secret")
        .build()?;
    client.send_verification_email(
        "user@example.com",
        "123456",
        "https://verify.com/abc"
    ).await?;
Self Documentation
This directory contains comprehensive documentation for the Self digital identity tool.
Documentation Structure
- architecture.md - System architecture and design principles
- authentication-flows.md - Detailed authentication and registration flows
- server-api.md - Server API documentation and endpoints
- cryptography.md - Cryptographic implementation details
- vault-system.md - Vault functionality and key management
- openid-compliance.md - OpenID Connect compliance documentation
- security-model.md - Security considerations and threat model
- deployment.md - Production deployment guidelines
- development.md - Development setup and contribution guide
Quick Reference
Key Concepts
- Self-Sovereign Identity: Users control their own identity without relying on centralized authorities
- Client-Side Encryption: All private keys are encrypted locally before storage
- Decentralized Authentication: Public key-based authentication without password dependencies
- Vault System: Secure storage for multiple encrypted keys with password-based access
Core Components
- Registration Component: Email verification and key pair generation
- Login Component: Cryptographic challenge-response authentication
- Identity Component: Identity management and key access
- Vault Manager: Multi-key storage and management
- Server: Identity verification and OAuth-compatible endpoints
Security Features
- AES-256-GCM encryption for private keys
- PBKDF2-based key derivation (10,000 iterations)
- Secp256k1 cryptographic signatures
- JWT-based session management
- Local storage with encrypted data only