Register accounts using EVM Wallets
In this section, we will create a module that enables user account registration using EVM (Ethereum Virtual Machine) wallets. This functionality allows users to sign in with EVM-compatible wallets like MetaMask and can be extended to include features such as payments.
Conceptual design
Users will register an account by signing a message with MetaMask. We achieve this by utilizing the open account registration strategy from the ft
library. The following sequence diagram illustrates the registration flow:
Implementation in Rell
We will implement the registration flow by creating a new module called registration
. This separation allows easy inclusion or removal of account registration features and supports multiple registration methods. Follow these steps for implementation:
-
Create a folder named
registration
, and within it, add a file calledmodule.rell
. -
Add the following definitions to
registration/module.rell
:
module;
import ^.news_feed.*;
import lib.ft4.accounts.strategies.open;
import lib.ft4.accounts.strategies.{ register_account };
operation register_user(name) {
val account = register_account();
val user = create user ( name, account.id, account );
create follower ( user = user, follower = user );
}
- The
open
strategy allows users to register themselves. - The
register_user
operation registers an account, creates a user, and establishes follower information. - The
register_account
function ensures that the transaction is signed by a unique EVM account.
- In your
chromia.yml
file, add an exclusion for this operation to notify theft
library that theregister_user
operation is safe to use:
blockchains:
my_news_feed:
module: development
test:
modules:
- test
moduleArgs:
lib.ft4.core.admin:
admin_pubkey: x"023BEE5A479CE5AF31F6F64EDE7BEAD394E92E4D973E1727782DB577A55E878563"
lib.ft4.core.auth:
evm_signatures_authorized_operations:
- register_user
For more details on configuring your chromia.yml
file, refer to the Chromia Project Configuration documentation.
- In your
main.rell
file, include an import statement for the newregistration
module:
module;
import news_feed.*;
import registration.*;
While the register_user
operation requires a valid EVM signature, it can expose a potential DDOS attack vector since each account corresponds to a row in the database. To mitigate this risk, consider the following strategies:
- Implement rate limiting for the operation.
- Enforce payments during registration.
- Establish an authentication layer as an intermediary.