Crypto Auth for WordPress

Posted by Spacened in Crypto Auth WP via Web

**Version:** 0.1.0
**License:** [GPL2](https://www.gnu.org/licenses/gpl-2.0.html)
**Contributors:** [spacened](https://34a.xyz)
**Tags:** crypto, login, authentication
**Tested up to:** WordPress 6.6

> ⚠️ **Note:** This plugin is currently under active testing.
> It is not yet recommended for use in production environments.

---

## 🔐 Overview

**Crypto Auth** allows users to log in to WordPress using **cryptographic keys** instead of traditional passwords.
It integrates seamlessly with our reference web app, [**KeyClient**](https://keyclient.app), for secure, passwordless authentication.

👉 **Live Demo:** [https://wordpress.34a.xyz](https://wordpress.34a.xyz)

When the plugin is activated, it registers a new API route in your WordPress installation that accepts **signed login messages**.
After generating an API key under **Settings → Crypto Auth**, register your site with KeyClient here:

> [https://keyclient.app/connect/create](https://keyclient.app/connect/create)

---

## ✨ Key Features

- 🔑 **Passwordless login** using cryptographic signatures
- 🧩 **Automatic account provisioning** for first-time users
- 🔄 **Account merging** via `/merge-account` (content reassigned and temporary account removed)
- ⚙️ **Custom verification server support** for zero trust
- 🛡️ **Superadmin key configuration** for elevated access control

---

## ⚙️ Admin Configuration

You can customize important Crypto Auth behavior through constants in your `wp-config.php` file.

### Superadmin Keys

Grant superadmin privileges to specific KeyServer IDs:

```php
define("CRYPTO_AUTH_SUPERADMINS", [
    'c79ef931-295b-477b-b4bb-daabef79f81b',
    'bc44f95e-a102-4e3c-bde5-e68c0fa2d3af'
]);
```

### Verification Server

Override the default verification endpoint:

```php
define("CRYPTO_AUTH_VERIFICATION_SERVER", "https://your-server.com");
```
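
A malformed superadmin list or a plain-HTTP verification endpoint weakens the login path, so both constants are worth checking before going live. The following is an added example, not part of the Crypto Auth plugin: the function names and the rules it applies (UUID-shaped KeyServer IDs, HTTPS unless the host is loopback) are assumptions based on the sample values shown above.

```php
<?php
// Added example (not plugin code): checks for the two wp-config.php constants.
// Function names and rules are assumptions of this example.

function crypto_auth_check_superadmins($ids): array {
    if (!is_array($ids)) {
        return ['CRYPTO_AUTH_SUPERADMINS must be an array of KeyServer IDs'];
    }
    // Assumption: KeyServer IDs are UUID-shaped, like the samples on this page.
    $uuid = '/\A[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\z/i';
    $problems = [];
    $seen = [];
    foreach ($ids as $id) {
        if (!is_string($id) || !preg_match($uuid, $id)) {
            $problems[] = 'not a UUID-shaped ID: ' . var_export($id, true);
            continue;
        }
        $key = strtolower($id);
        if (isset($seen[$key])) {
            $problems[] = "duplicate ID: $id";
        }
        $seen[$key] = true;
    }
    return $problems;
}

function crypto_auth_check_verification_server($url): array {
    $parts = is_string($url) ? parse_url($url) : false;
    if (!is_array($parts) || empty($parts['scheme']) || empty($parts['host'])) {
        return ['CRYPTO_AUTH_VERIFICATION_SERVER must be an absolute URL'];
    }
    $problems = [];
    $scheme = strtolower($parts['scheme']);
    $host = strtolower(trim($parts['host'], '[]'));   // parse_url keeps IPv6 brackets
    $loopback = in_array($host, ['localhost', '127.0.0.1', '::1'], true);
    // The server's verdict decides whether a login is accepted, so it must not
    // cross the network unencrypted; plain HTTP is tolerated only on loopback.
    if ($scheme !== 'https' && !($scheme === 'http' && $loopback)) {
        $problems[] = 'use https:// unless the server listens on loopback';
    }
    if (isset($parts['user']) || isset($parts['pass'])) {
        $problems[] = 'remove credentials from the URL';
    }
    return $problems;
}

// Constructed sample values: one ID from the page, one truncated ID.
print_r(crypto_auth_check_superadmins(['c79ef931-295b-477b-b4bb-daabef79f81b', 'bc44f95e-a102-4e3c']));
print_r(crypto_auth_check_verification_server('http://your-server.com'));
print_r(crypto_auth_check_verification_server('http://127.0.0.1:8080'));
```

On a live site, pass `CRYPTO_AUTH_SUPERADMINS` and `CRYPTO_AUTH_VERIFICATION_SERVER` (when defined) to the two functions instead of the sample values.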

---

## 🌐 External Services

Crypto Auth relies on two external components:

### 1. KeyServer

Resolves public keychains for identity lookups.
➡️ **URL:** [https://keyserver.34a.xyz](https://keyserver.34a.xyz)
➡️ **Explore keys:** [Key Explorer](https://keyclient.app/explorer)

### 2. Verification Server

Validates cryptographic signatures for login requests.
➡️ **URL:** [https://verify.34a.xyz](https://verify.34a.xyz)
➡️ **Source:** [GitLab: Verify Server](https://gitlab.com/34a1/verify-server)

> You can host your own verification instance for improved security and performance, ideally on the same server as your WordPress site.

---

## 🔁 Redirecting Login

Once Crypto Auth is configured, you can disable the default WordPress login form and redirect users directly to **KeyClient**.

Find your app's login URL under:
[https://keyclient.app/planets/mine](https://keyclient.app/planets/mine)

A typical login URL looks like:

```
https://keyclient.app/connect/login/15eea7e8-22e2-4b09-973a-30e7e1652bc2
```

Paste this into the **Crypto Auth settings page** to complete the setup.

---

## 🧪 Live Demo

Try it out here:
👉 [https://wordpress.34a.xyz](https://wordpress.34a.xyz)

If you click a login link, you'll be redirected to KeyClient to sign a login request.

---

## 🧰 Installation Guide

1. Upload the plugin folder to `/wp-content/plugins/`.
2. Activate **Crypto Auth** from the WordPress admin panel.
3. Go to **Settings → Crypto Auth** and generate an API key.
4. Register your WordPress site at
[https://keyclient.app/connect/create](https://keyclient.app/connect/create)
5. (Optional) Add superadmin keys and verification server overrides to `wp-config.php`.
6. Test login through the KeyClient.

---

## 🧾 Changelog

### 0.1.0 - Initial Testing Release

- First public testing version
- Basic cryptographic login flow
- Automatic account provisioning and merge functionality
