Architecture
Overview
The Payment ID system with OAuth integration provides a seamless way for users to register and manage human-readable identifiers across blockchain networks using only their email. The architecture leverages ZK Email OAuth for authentication and ephemeral key management, eliminating the need for users to manage private keys or interact directly with the blockchain.
Key Components
ZK Email OAuth SDK
Provides email-based authentication and ephemeral key generation for seamless user onboarding.
Registration Controller
Manages the registration process for Payment IDs and initializes resolver records.
PID Contract
ERC-721 token contract representing ownership of Payment IDs as transferable NFTs.
PID Registry
Core registry maintaining relationships between token IDs, owners, and resolvers.
Public Resolver
Resolves Payment IDs to blockchain addresses across different networks.
Email Wallet Core
Underlying infrastructure handling email verification and transaction execution.
Wallet
Singleton wallet for email users
Login Flow
Email Sign-In: User provides their email address to sign in or sign up through the dApp.
OAuth Request: The
OauthClient
sends a request to the relayer to initiate the email-based authentication.One-Time Email Reply: User receives an email and authenticates by simply replying to it.
Ephemeral Key Generation: The OAuth SDK generates an ephemeral ECDSA key for the browser session.
Key Activation: The ephemeral key is activated on-chain once the email proof is verified.
Registration Flow
Payment ID Registration: User selects a Payment ID to register (e.g.,
alice@binance
).Transaction Construction: The dApp constructs a transaction to the Registration Controller.
OAuth Execution: The transaction is executed via the ephemeral key using
oauthExecuteTx
.PID Minting: The Registration Controller mints a new PID token to the user's Email Wallet address.
Record Setup: The PID Registry and Resolver are updated with the appropriate records.
Contract Functions
Registration Controller
register
Registers a new Payment ID, minting a token and setting up resolver records.
available
Checks if a Payment ID is available for registration.
PID Contract
register
Mints a new token representing the Payment ID.
transferFrom
Transfers ownership of a Payment ID, updating registry records.
PID Registry
setRecord
Sets both owner and resolver for a token ID.
setOwner
Updates ownership information for a token ID.
setResolver
Updates resolver information for a token ID.
Public Resolver
setAddr
Sets address records for different chains and source types.
addr
Retrieves address records for specific chains and source types.
Security Considerations
Email Privacy
User email addresses remain private through ZK proofs, never exposed on-chain.
Key Management
Ephemeral keys are generated per session, reducing risks of permanent key compromise.
Transaction Limitations
Ephemeral keys can be configured with expiration times and token allowances.
Session Integrity
The OAuth system ensures that only authenticated users can perform operations.
Last updated