Signatures

In order to create and access a Nounspace Identity, we need to get the users signature over a nonce. When you sign into Nounspace for the first time on a new device, the following happens:

1. The front end queries the backed to see if the current wallet (either the one used to sign in or the embedded wallet offered by Privy) already has an Identity is associated with

2. If there is an existing Identity, it will pull the nonce and the encrypted key bundle from the cloud

3. If there is not an existing Identity, it will generate a nonce and a key pair on the client side

4. The app will then ask the wallet for a signature of the nonce. If you signed up with a wallet, you will be prompted to complete the signature. If you signed up with Privy's web2 flows, all of this will be handled under the hood

5. The signature is used as the cipher key to encrypt/decrypt the key bundle. If a new identity is being created, the encrypted key bundle is pushed up to the cloud