Fission Whitepaper
Search…
Fission Whitepaper
Abstract
Contributors
Introduction
Context
The Constellation
High Level Architecture
Foundation
Unified Storage
Digital Scarcity
Portable Compute
Authorization
Overview
Self-Certified
Challenge-Based
DID Document
Access Control
Object Capability Model
Query Access
Command & Mutation
Accounts
Registration
Delegation
Login
Recovery
Multifactor Authentication
File System
Basics
Partitions
Unlisted
Share
Links
Events
Consistency
Distribution
Apps
Hosting
Layout
Clone
Follow
Database
WNKV
WNDB
Dynamic FaaS
Distributed & Edge FaaS
Powered By GitBook
Multifactor Authentication
Multifactor authentication is possible entirely from within the UCAN construction, or via an external provider. This is very close to the common MFA systems seen today: a second party vouches for the validity of a login or other statement. This is mediated by a challenge, via email, SMS, or authenticator application. Once validated, this external party cosigns a UCAN, or aggregate decryption for read access.

Cosigning

It is also possible for this method to be self-sovereign, where the end user manages their own m-of-n scheme.

Countersigning

With countersigning, the outmost UCAN must provide proofs that meet some criterea. One such example is having a set of well-known DIDs that must have delegated valid rights to the action. This is especially helpful when a resource is shared among multiple users that don't have access to pairing-based cryptography.
Accounts - Previous
Recovery
Next - File System
Basics
Last modified 6mo ago
Export as PDF
Copy link
Contents
Cosigning
Countersigning