iOS: Introduction

Caution

iOS 17+ is required for FIDO2 Autofill Credential functionality.

Caution

WebRTC functionality requires testing on physical devices, not simulators.

The iOS SDK provides a comprehensive solution for integrating Liquid Auth into iOS applications and Autofill Credential Extensions. It enables self-sovereign FIDO2/WebAuthn authentication with deterministically generated P256 passkeys and facilitates decentralized peer-to-peer communication between dApps and wallets.

Features

• Self-Sovereign Passkeys: Allows wallet developers to manage passkeys themselves (e.g. using deterministically generated P256 passkeys) instead of relying on centralized password managers.
• WebRTC P2P Communication: Direct, authenticated communication between dApps and wallets, over WebRTC data channels.
• Sign-In with Algorand: Extends FIDO2/WebAuthn with Ed25519 Algorand address signatures, to prove ownership of address.
• Dual Mode Operation:
  • liquid:// URIs/QR Codes for authenticated peer-to-peer communications
  • FIDO:/ URIs/QR Codes for standard Web2 site authentication via Autofill Credential Extensions

Prerequisites

• iOS 17+ is required
• Physical device for WebRTC testing (simulators don’t support WebRTC)
• Xcode 15+
• Swift Package Manager or Xcode package integration

Installation

Swift Package Manager

Add this to your Package.swift:

dependencies: [
    .package(url: "https://github.com/algorandfoundation/liquid-auth-ios.git", from: "0.0.1")
]

Xcode Integration

1. File → Add Package Dependencies…
2. Enter: https://github.com/algorandfoundation/liquid-auth-ios.git
3. Select version and add to your target

Modes of Operation

Note

The iOS SDK, as it is, is designed as a “client”/“answerer” implementation, intended for mobile wallets connecting to dApp “offerers”. It cannot run the other way around in “offerer”-mode. It cannot initiate connections or generate request IDs.

1. Liquid Auth Mode (liquid://)

Paired with the Liquid Auth Backend for authenticated peer-to-peer communications:

┌─────────────┐     WebRTC     ┌─────────────┐
│   dApp      │◄──────────────►│   Wallet    │
│ (Offerer)   │                │ (Answerer)  │
└─────────────┘                └─────────────┘
      │                               │
      └─────── Liquid Auth Backend ───┘

Use Cases:

• LiquidAuth.com demo
• use-wallet integrations
• dApp-to-wallet transaction signing

2. Autofill Credential Extension (FIDO:/)

Integration with iOS native passkey management for standard Web2 authentication:

Use Cases:

• webauthn.io, webauthn.me
• passkeys.com
• GitHub and other passkey-enabled sites

Quick Start

Integration Points

The SDK provides WebAuthn infrastructure, but you’ll need to integrate with your wallet for:

Caution

You are responsible for secure key storage and user verification in your app.

1. Challenge Signing: Sign WebAuthn challenges with your Algorand Ed25519 private key
2. Message Handling: Process incoming WebRTC messages (e.g. transaction signing requests)
3. Key Management: Manage P256 and Algorand key pairs, or their mnemonics, securely

Next Steps

• Registration: Learn how to register passkeys with the service
• Authentication: Understand the authentication flow
• Peer Communication: Set up WebRTC signaling
• Autofill Extension: Integrate with iOS native passkey management

Example Implementation

For a complete reference implementation, see the liquid-auth-ios-example repository, which demonstrates both main app integration and Autofill Credential Extension usage.