3

I'm building a business application (in a private ethereum network) in which certain users should be able to perform some transactions.

The thing is that the blockchain authentication is hard to understand for business users, they are used to having username/password and the possibility to reset their passwords.

I was thinking of creating a web application in which users authenticate with username/password and in the server side of the webapp i have mapped the username with the ethereum account. This way each time a user makes a transaction, the backend unlocks the ethereum account from geth and performs the transaction on behalf this account.

Does anyone knows if this is a bad idea or not? Any possible consequences?

Thanks!

jogando
  • 33
  • 2

1 Answers1

0

Instead of using Geth account subsystem, it is simpler to just sign transactions

  • On the client side, in a web browser (non-custodian)

  • On your server (you hold the private keys on the server side)

Then broadcast your transaction using eth_sendRawTransaction JSON-RPC API.

Geth account subsystem has been designed to a personal usage and does not work as a generic backend very well.

Related Executing a Smart Contract in a Mobile App

Mikko Ohtamaa
  • 22,269
  • 6
  • 62
  • 127