I ended up going different way.
Server encode a token/secret using user's public key. Then user decode it using steem_keychain.requestVerifyKey. If successful then we got a handshake for the future.
It could be better in some cases than the way I wrote about. I am guessing we need to send 2 requests, one for fetching encoded message, another letting server know use successfully decoded the message.
But I think its more secured in some use cases. Thanks for sharing the idea.
I ended up going different way.
Server encode a token/secret using user's public key. Then user decode it using
steem_keychain.requestVerifyKey
. If successful then we got a handshake for the future.It could be better in some cases than the way I wrote about. I am guessing we need to send 2 requests, one for fetching encoded message, another letting server know use successfully decoded the message.
But I think its more secured in some use cases. Thanks for sharing the idea.