In-browser Farcaster Account Manager

I built a POC of an in-browser Farcaster account manager and authenticator (similar to 3ID-Connect). It allows web apps to integrate Farcaster and allow users to cast through these apps easily without having to install an extension, login every time, or apps having to manage or interact with users private keys. Users can give apps that are built on top of Farcaster the ability to only read their data, sign data (only casts for now), or have auto-signing permission.

Dango 🍡 is simply an Iframe that stores user keys and runs an RPC server that other apps can communicate with through the RPC client (library). For the POC, I stored the private key encrypted by an unextractable key (created by the web cryptography API) in IndexedDB.

You can simply integrate it on any website with few lines of code and it’ll communicate with the Iframe:

 
    // initializing the iframe and RPC client
    const dc = new DangoConnect();

    // login
    const connection = await dc.connect();

    // reading data
    const userData = await dc.getAllProfileData();

    // asking for a cast signature
    await dc.signCast({})

You can check the code here.

This is just a POC to see what it would like and not meant for production. In the next version, it’ll have a better RPC server and the private keys will be stored on the backend. And Storing the private keys on the backend probably won’t be a significant decentralization compromise as in Farcaster v2 this will be a delegated key. Also, in v2 users won’t have to enter their seed phrase on a web page.

If you have any ideas for how to do this differently, please send DM me @shawkisukkar.