CashID is an open protocol that allows secure authentication based on the public key cryptography infrastructure that is currently present in the Bitcoin Cash ecosystem. By authentication we mean to prove to a service provider that we control a specific Bitcoin Cash address by signing a challenge request that links the users address and optional metadata to a task or session with the service provider.
# Motivation
Secure authentication and safe storage of credentials is useful for many things, and with added metadata we enable the following usecases:
* Register to a service as a 1-step process.
* Register to a service automatically as part of a payment.
* Authenticate to a service to login without a password.
* Authenticate to a service to act as 2FA complementing existing passwords.
* Provide access control to locks based on payment.
# Specification
When a user needs to access a restricted area (physically or digitally), they are given a challenge request in the form of the following data:
cashid:domain.tld/command?x=[nonce]
This challenge request can either be transmitted via a QR code, NFC or by any other implementation specific transmission method.
# Rationale
Passwords is an inherently flawed concept (based on sharing secrets) that is increasingly getting hidden away from the users by means of password managers, 'remember me' and single-signon features. Public key cryptography provides a more secure method for authentication where the users secret is never shared.
The problem with public key infrastructure is that managing private keys securely is complex, but this complexity is now being addressed in the cryptocurrency ecosystem which makes it possible to safely implement a better authentication system.
