KhrulSergey/game-web3-auth

Game Auth - Crypto Web3 Authentication System

A production-ready authentication service built with Encore.ts that bridges Web2 gaming providers (Steam, EpicStore, etc.) with Web3 cryptographic infrastructure using Lit Protocol. It implements a complete Steam OpenID login flow with automated Programmable Key Pair (PKP) generation, enabling seamless player onboarding into blockchain gaming ecosystems.

🎯 Project Overview

Game Auth is a microservice that handles:

  1. Steam Authentication: OpenID 2.0 integration for player verification
  2. JWT Token Generation: RS256-signed tokens for Lit Protocol authentication
  3. PKP Generation: Automated creation of programmable key pairs using Lit Protocol v7
  4. MPC Key Sharing: 2-of-3 threshold scheme supporting:
    • Share A: Passkey (user-controlled)
    • Share B: Lit PKP (protocol-managed)
    • Share C: QR Code (recovery mechanism)

🚀 Installation

📋 Prerequisites

System Requirements

  • Node.js: >= 21.0.0
  • npm or yarn: Latest version
  • Docker: For local development (optional)

Install Encore CLI

# macOS
brew install encoredev/tap/encore

# Linux
curl -L https://encore.dev/install.sh | bash

# Windows (PowerShell)
iwr https://encore.dev/install.ps1 | iex

1. Clone and Install Dependencies

npm install
# or
yarn install

2. Configure Environment Variables

Create a .secrets.local.cue file in the project root:

// Server Configuration
ServerUrl: "http://localhost:4000"
ClientUrl: "http://localhost:3000"

// Steam API Configuration
SteamApiKey: "YOUR_STEAM_API_KEY"
SteamDomain: "yourdomain.com"

// JWT Configuration (RS256)
JwtPublicKey: """
-----BEGIN PUBLIC KEY-----
YOUR_RSA_PUBLIC_KEY_HERE
-----END PUBLIC KEY-----
"""

JwtKeyID: "your-key-id-here"

JwtPrivateKey: """
-----BEGIN PRIVATE KEY-----
YOUR_RSA_PRIVATE_KEY_HERE
-----END PRIVATE KEY-----
"""

JwtLifeTime: "24h"

// Lit Protocol Configuration
// Private key for paying PKP minting fees on Chronicle Yellowstone
LitAdminPrivateKey: "0x..."

3. Generating RSA Keys

If you don't have RSA keys, generate them:

# Generate private key
openssl genrsa -out private.pem 2048

# Extract public key
openssl rsa -in private.pem -pubout -out public.pem

# Convert private key to PKCS8 format for JWT
openssl pkcs8 -topk8 -inform PEM -in private.pem -out private_pkcs8.pem -nocrypt

4. Fund Lit Protocol Admin Wallet

The admin wallet must have funds on Chronicle Yellowstone to pay minting fees:

# 1. Extract address from private key
# 2. Get testnet ETH from https://faucet.litprotocol.com
# 3. Verify balance on Chronicle explorer

🏃 Running Locally

Development Mode

Start the Encore server in debug mode:

npm run dev
# or
yarn dev

Standard Run

encore run

📡 API Endpoints

Authentication
POST /api/login - Steam login initiation
GET /api/auth/callback - Steam OpenID callback

Wallet Management
POST /api/wallet/mint - Mint PKP with Steam auth method

Public Endpoints
GET /.well-known/jwks.json - JWKS endpoint for JWT verification
GET /.well-known/openid-configuration - OpenID Connect discovery

Frontend Routes
GET / - Home page
GET /auth - Authentication page
GET /auth/success - Success redirect (with token parameter)
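
How a consumer of the RS256 tokens could check them against the key set published at /.well-known/jwks.json, as an added example that is not code from this repository. It uses Node's built-in crypto module instead of jose so it runs offline; the key pair, the kid "demo-key-1" and the claims are constructed for the demo.

```typescript
import { createPublicKey, generateKeyPairSync, sign, verify } from "node:crypto";

type Jwk = { kty?: string; kid?: string; n?: string; e?: string };
const b64u = (s: string): string => Buffer.from(s).toString("base64url");
const fromB64u = (s: string): Buffer => Buffer.from(s, "base64url");

// Verifier side: accept only RS256 tokens whose kid matches a key in the JWKS.
function verifyRs256(token: string, jwks: { keys: Jwk[] }, nowSec: number): Record<string, unknown> {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, s] = parts;
  const header = JSON.parse(fromB64u(h).toString("utf8"));
  // Pin the algorithm; the token header must not choose it ("none", HS256).
  if (header.alg !== "RS256") throw new Error("unexpected alg");
  const jwk = jwks.keys.find((k) => k.kty === "RSA" && k.kid === header.kid);
  if (!jwk) throw new Error("unknown kid");
  const key = createPublicKey({ key: jwk, format: "jwk" });
  if (!verify("RSA-SHA256", Buffer.from(`${h}.${p}`), key, fromB64u(s))) throw new Error("bad signature");
  const claims = JSON.parse(fromB64u(p).toString("utf8"));
  if (typeof claims.exp !== "number" || claims.exp <= nowSec) throw new Error("expired");
  return claims;
}

// Constructed demo: throwaway key pair, hypothetical kid, made-up subject.
function demo(): string[] {
  const { publicKey, privateKey } = generateKeyPairSync("rsa", { modulusLength: 2048 });
  const kid = "demo-key-1";
  const jwks = { keys: [{ ...(publicKey.export({ format: "jwk" }) as Jwk), kid }] };
  const now = 1700000000;
  const mint = (header: object, claims: object, signed = true): string => {
    const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(claims))}`;
    const sig = signed ? sign("RSA-SHA256", Buffer.from(input), privateKey) : Buffer.alloc(0);
    return `${input}.${sig.toString("base64url")}`;
  };
  const claims = { sub: "steam-user-demo", exp: now + 3600 };
  const valid = mint({ alg: "RS256", kid }, claims);
  const [vh, , vs] = valid.split(".");
  const cases: [string, string][] = [
    ["valid", valid],
    ["alg none", mint({ alg: "none", kid }, claims, false)],
    ["wrong kid", mint({ alg: "RS256", kid: "other" }, claims)],
    ["expired", mint({ alg: "RS256", kid }, { ...claims, exp: now - 1 })],
    ["tampered", `${vh}.${b64u(JSON.stringify({ ...claims, sub: "someone-else" }))}.${vs}`],
  ];
  return cases.map(([name, tok]) => {
    try { verifyRs256(tok, jwks, now); return `${name}: accepted`; }
    catch (e) { return `${name}: rejected (${(e as Error).message})`; }
  });
}
console.log(demo().join("\n"));
```

A real verifier would also check the issuer and audience claims expected for the deployment, which this README does not specify.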

🏗️ Architecture

Service Architecture

┌─────────────────────────────────────────────────────────┐
│               Game Auth Service                         │
├──────────────┬──────────────┬──────────────┬────────────┤
│              │ Auth         │              │            │
│ Login        │   Steam      │ Wallet       │ Validators │
│ Controller   │   EpicStore  │ Management   │            │
├──────────────┴──────────────┴──────────────┴────────────┤
│        Common Configuration & Providers                 │
│  • Secret Management (Encore Secrets)                   │
│  • Config Data (Steam, JWT, Lit Protocol)               │
│  • Utility Functions                                    │
├─────────────────────────────────────────────────────────┤
│           External Integrations                         │
│  • Steam API (Player Profiles & Ban Info)               │
│  • EpicStore API                                        │
│  • Lit Protocol (PKP Minting & Management)              │
│  • Chronicle Yellowstone (EVM-compatible chain)         │
└─────────────────────────────────────────────────────────┘

Technology Stack

| Component    | Technology       | Version    |
|--------------|------------------|------------|
| Backend      | Encore.ts        | Latest     |
| Language     | TypeScript       | 5.9.3+     |
| Runtime      | Node.js          | >= 21.0.0  |
| Blockchain   | Lit Protocol SDK | v7.4.0+    |
| Cryptography | ethers.js        | v6.x       |
| Signing      | jose             | v6.0.9+    |
| Frontend     | EJS Templates    | v3.1.10+   |
| OpenID       | node-openid      | v2.0.14+   |

📄 License

MIT License - Copyright (c) 2025 Sergei Khrul. See LICENSE file for details.
