Login into a 'web2' app using ATProto and Alchemy Smart Accounts

[bitbeckers]

The attached Loom demoes the following flow:

• sign in to ATProto using email (for the PoC we just use Bluesky)
• get user's did, handle & email
• generate wallet for user as an Alchemy Smart Account
• create user with DID and wallet information in our backend (Supabase)
• ATproto and wallet information in user profile (reads)

This does not wire the JWT from ATProto's session into Alchemy. The reason for this is that they use ES256 and RS256 respectively, so we also provide 2 different keys for the different oauth clients.

We can generate a JWT for Alchemy based on the ATProto sessions JWT, but that's functionally not much differnt than generating an embedded wallet. Actually, since this is on my Alchemy account it is functionally an embedded wallet anyway.

This PoC prooves we can orchestrate sign in/creation of ATProto and smart accounts based on a single email login.

For hypercerts, based on this PoC, I think we could provide OAuth login (replacing the Bluesky window), create custom handles (bitbeckers.certs.app) and with low friction create ATProto account and wallets based on email login.

This PoC does show the same issues we already know from embedded wallet providers, and using smart accounts, and surfaces the issue of different JWT standards.

FYI Privy does also use ES256 for JWT signing, but I think that shouldn't be a dealbreaker. The reality is wrangling JWTs between permissioned systems.

https://www.loom.com/share/a6d6c98d2b26465281eab521c9e773e1?sid=3a6f27ee-380d-4e48-8e6e-886cdd91f160