 Hi everybody. My name is Billy. I'm a developer, researcher and artist. I work for Cosmos Network, NOSIS, and for myself on various other projects. One of the things I think I'm most excited about when working with Ethereum and all these different cryptocurrencies is the fact that you actually sort of get exposed to cryptography in general, a symmetric cryptography, and you kind of realize all the cool things you can do with that. And it's really exciting that actually it's a cryptocurrency which has been the push to get kind of normal users to have a private key, to manage the private key, to have something like MetaMask. So thanks to cryptocurrency you kind of get all of these really cool features and the past few months or whatever there's been multiple situations in which either for my own apps I had to do authentication with MetaMask where you kind of are able to do this amazing authentication system where you're not storing a password for a user or presenting some sort of a password honey pipe that you actually let your users sort of authenticate themselves. You see this in cryptocurrencies, you see it in a lot of different apps, and so I did that a few times and talking to other people about different projects kept coming up of oh you know actually you don't really even need a cryptocurrency for that you just need a user with a private key that can do something x, y, or z and for different reasons it kept coming up like oh yeah just authenticate them with their for the signature on something and then give them access to whatever. The most common version of that was a chat room so a couple weekends ago I just decided to spend something up. The point of it being what's possible when users manage their own private keys. So because it was a weekend project I decided to do it as fast as possible so I used a bunch of evil centralized services that make things go really easy and they do a lot of the work for you. But basically this is a chat room built with Google Firebase who offers really simple hubs of databases. It's hosted on a service called Netlify which is just basically a wrapper for Amazon Web Services. I'm using a Amazon Web Service Lambda function for verification of a user signature and I'm using amber data.io which is a kind of block explorer who keeps token balances for all ERC20s and ERC721s. So if you just want to ask for a specific address and get all of the ERC20s or 721 tokens they have they have an API endpoint for that which you don't really have it either scan or really even open C so I'm using them for that. But without further ado I can show you that the app works basically by clicking start asking you to sign a message hello world by signing this message blah blah blah sends it to a Lambda function which makes sure that you actually have that address checks amber data for all your token balances and then gives you authentication inside of Google Firebase for every single chat room that is names based by those contract addresses. So here you can see inside this account I have some CryptoKitties, some Weth. I made another project called NSNifty which is about NFT wrappers for NS names so because I have those I can chat in that room. You can see there's a couple other people who had CryptoKitties who joined the chat at some point. There's the lobby where as soon as you sort of been authenticated you can jump in and that's kind of it. I guess I can prove that actually in here or the Berlin token so if you were here doing the Berlin hackathon and you got any of these you can sort of prove or associate. I think it was the people who also had them were here. So that proves the fact that I'm actually in there or not. Hey, it showed up in the other room. Is this live? Is it really live? Wow. So I mean this is super simple. This is something that ends up popping up in a lot of different projects. It can be used for a lot of different things. As I see more sort of interesting non-profitable token projects that are based around necessarily speculating on a project but having a community based around it. Maybe the proof of work that goes into it is something more interesting than spending computer cycles or paying money. Maybe it's actually showing up to meetups. Maybe it's actually showing up to events. Maybe it's knowing somebody. Maybe it's gifts. Maybe it's these kudos on Bitcoin. The idea that you would want to sort of create access determined by those sorts of communities is something coming up more and more often and so I spun this up. It's all on GitHub. The authentication stuff is super easy. It's to the Lambda. Whether you want to use it with something like Firebase or with your own social network or whatever you'd have basically the same configuration. So I spun it up just to give my mind around how to apply to different things. We'll be applying it to different projects for fun and profit maybe but mostly just to see how it works. Feel free to jump in. I use Portis. Actually I should list that on here too. Portis.io is a really nice solution to users who don't have wallets. So it's basically MetaMaskera. I think it's the MetaMask alternative where you sort of embed MetaMask as a JS file. They give you an address. They store your key encrypted so that when you use using a password they will hand it back to you. You decrypt it in your browser and you can have the same experience. So if you put it up on Safari or on Google Chrome on your phone you could actually log in and start chatting. Probably you just be in the lobby because it's an account without any token balances but that's there. Better to use. This is just a weekend project and this is just a lightning talk. Actually I made a chat application like three, four years back for Whisper. Actually the first time we used Whisper and I really hope somebody will update into the latest Whisper because the chat application never really saw the day of life for real. I think it's in the film repository and you can easily use it in their face for your little chat here. You can just overtake it and take the call where messages are retrieved and sent to Whisper with whatever you have here. It's like a really nice looking Whisper. I think it's called Meteor as something Whisper chat in either under Ethereum or my JNM repository. There's the new metamask process where it asks you to connect with the dev when you started. Does that actually sign a message under the hood? So then still you would have to do the signing of the message to be really authenticated. The first time you visit, if you've never come to this site before, metamask will say this site wants to know your address. You say yeah let it know my address. And then metamask will say you want to sign this message. So once you've done the first time it doesn't happen so that's why it didn't happen. Also you should check out token talks. They're down. Somebody told me about it a week or two ago and I don't know if they're down forever. It's not like rocket science, but it was a fun project. So more commercials. Nice new project. I was wondering why do you use AWS Lambda? Why don't you do authentication clients on it? Because the Google Firebase handles authentication for users who you have permission to read and write from. Firebase is basically a giant JSON object and each like branch you give read and write permissions based on user IDs. So first I check your token balances and then if you read and write permission on all the branches that are namespaced by those tokens. So each branch has all the chats within each of them. So I need a private server somewhere who stores my Firebase private key or authentication in order to give permission on a user to read and write to different chat rooms. Otherwise you could just show up in any chat room and read and write to it. Because it's not the mapping between the username and address. It's more like access to the rooms. Yeah. That kind of access could be for anything. It could be like featuring on style. It could be for blog posts. It could be for movies. Hi. One question regarding the signed message. Isn't it secure if it's always the same message? Because if someone gets a hold of it, they could just act as you because it's basically your identity, right? Yeah. If you wanted to be a little more secure, you should put a timestamp or an ox or something like that so that they can be timed out after a certain period. Exactly. It's what I'm doing with my project and yeah, I think that's a great point to go. I think it's very, very seriously on this project. Some more questions? I think that was it. Thank you very much.