Aptos now lets users sign transactions with passkeys

The feature adds a layer of recoverability that is often missing in the decentralized model of digital asset ownership.

Aptos lets users sign transactions with passkeys

Share this article

Aptos Labs announced on Wednesday that it has rolled out support for passkeys, allowing users to sign transactions without the conventional hassle of passwords. With this development, the firm aims to create a secure and user-friendly authentication method that seamlessly onboards users to Web3.

“We’re making Web3 security as easy as Face ID or Touch ID.

Passkeys are the next step in a continued commitment towards creating the safest, most user-centric experience on Aptos. Passkeys are poised to revolutionize the way users interact with digital platforms – setting a new standard for authentication and transforming the way we think about digital asset ownership.”

As explained in GitHub, Aptos’ passkey is built on the premise of being phishing-resistant, providing a swifter authentication process that’s fortified against common security threats. Furthermore, the feature provides a recovery pathway that doesn’t depend on writing down and securing plaintext mnemonics or private keys. Passkey can be seamlessly recovered or synchronized across devices, as long as it’s within the same ecosystem.

Here’s how it works: When a user create an account, he is prompted to create a passkey using biometric authorization for enhanced security. Once the passkey is set up, the wallet generates an Aptos address from the user’s passkey public key. To initiate a transaction, the user authorizes the transaction with the passkey via a biometric gesture. The transaction, secured by the passkey signature and public key, is then submitted and validated on the Aptos blockchain. Users can also back up their key with a trusted provider such as iCloud or Google Password Manager.

“When a user registers a passkey, a new website-specific public key credential is created on their device’s authenticator. WebAuthn Authenticators securely store passkeys and enable users to access them via authorization gestures like Face ID or Touch ID.”

Aptos built their own passkey authenticator based on the WebAuthn standard and public-key cryptography. The system is currently specific to the Aptos ecosystem but could be adopted by others as it’s open-sourced.

Share this article

Loading...