Support multiple authentication methods #70

Open
jwiegley opened this issue Oct 2, 2021 · 5 comments

Comments

@jwiegley
Contributor

jwiegley commented Oct 2, 2021

Right now we use PEM files to provide an identity for signing requests, but we'd also like to support NitroHSM (for node providers) and the Ledger Nano, and then possibly more. I propose to do this by splitting the core governance related code into a new, internal ink crate, and use the quill crate to define the CLI and its behavior, and then have multiple auth-* crates referenced by quill to do the actual work of working with the device to sign requests.

@tomburgerch

Is there a due date on this? This would be incredibly helpful (NitroHSM and Ledger Nano support).

@chmllr
Contributor

chmllr commented Dec 5, 2021

@tomburgerch quill is a community project and it is not developed by DFINITY. There is no planned roadmap or ETAs for features. So far, people who needed certain features implemented them and submitted for reviews themselves.

Btw, as far as I know @jwiegley added the Nitro support for node providers on a branch (see this release: https://github.com/dfinity/quill/releases/tag/v0.2.8.1.hsm)

@tomburgerch

Hey Christian, thank you for the added context. I'll reach out to John re: the version that supports Nitro to see if there's anything I should know.
Are you aware of anyone that's working on Ledger integration or know who would be interested to pursue that?

@chmllr
Contributor

chmllr commented Dec 6, 2021

No unfortunately, I am not. Some folks talked about this possibility, but it never materialized. Also probably the appeal of this feature decreased for many given that the Ledger app was released for the NNS dapp last week.

@paulyoung

I found this thread after being concerned with how to securely back up PEM files.

I asked about this on the DFINITY developer forum where @timohanke shared that keysmith (and now quill) can generate a seed phrase and then derive a PEM file from it.

I think this is an improvement, so I wanted to thank the contributors to quill for supporting that use case.

Both this GitHub issue and the responses to my forum post mention Ledger devices. I understand that it normally requires building a dedicated app and having it reviewed by the Ledger team, but I’m thinking a more general app with limited scope would improve things a lot in terms of recovery.

If possible, I imagine this new Ledger app would work something like this:

  1. It would serve as the thing that PEM files are derived from.
  2. If a Ledger device has created a PEM file, an identical PEM file could be recreated from a new Ledger device that has been recovered using the recovery phrase of the original device.
  3. Some CLI tool/web or desktop app would need to communicate with the Ledger app to prompt the authorization to create a new PEM file, and then derive the PEM file and make it available on disk.

I understand that contributors to quill may not be interested in working on any of this but I’d appreciate any insight or perspective they may have.

Thanks again.
