completed

Blockchain Authentication Mechanism

$6,000.00 Received
$6,000.00 Requested
Community Review Results (1 reviewers)
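Solution:

Implement a decentralized authentication mechanism that persists secrets and permissions on chain, building on metadata and native assets.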

Problem:

To ensure truly decentralized access to services and dApps, a blockchain-friendly authentication mechanism should be devised.

Yes Votes:
₳ 206,663,471
No Votes:
₳ 11,594,565
Votes Cast:
884

This proposal was approved and funded by the Cardano Community via Project F5: Metadata challenge Catalyst funding round.

Desired Outcome

An ideal outcome could be described by providing a couple of practical examples:

  • Giovanni, an SPO, besides running a pool, also runs the full suite of systems (e.g. graphql, db-sync, etc.) required to interact with the Cardano blockchain. Paula, a young developer, wants to experiment on Cardano, but doesn't want to run all-the-things Cardano, only to "just" interact with the graphql layer. Giovanni wants to grant Paula (and Paula only) the rights to use his APIs. Giovanni's APIs implement a blockchain (Cardano) friendly auth mechanism where he issues a token (NFT) used to authenticate Paula and describe her level of authorization.
  • A large holidays booking company has launched on Cardano. They also launched their iOS and Android native apps to browse and book holiday packages. For the native apps to work properly, they must be granted a limited set of permissions to interact with the APIs; these apps need to be authenticated and authorised, ideally in a blockchain-friendly way.
  • Incentivise the technical community to spin up their own set of Cardano APIs to support the developer ecosystem and at the same time to monetise the traffic on such APIs.

dandelion.link[0] is an open source project designed to easily manage Cardano APIs. Integrating the auth mechanism will provide the technical community with the tools to monetise, and hence incentivise, the setup of their own set of APIs. This will hopefully lead to a Cardano API marketplace that will facilitate the development and operation of more and more dApps, as well as ensuring a resilient infrastructure by eliminating single points of failure (an example of a SPOF is given by Infura on Ethereum: "If we don't stop relying on Infura, the vision of ethereum failed" - link: https://www.coindesk.com/the-race-is-on-to-replace-ethereums-most-centralized-layer).

Proposed Solution

The solution focuses on three main aspects:

  • Identifying client/customer and the service provider in the system
  • Authenticate the client
  • Grant the client account, or sub account, with the correct permissions.

Our solution leverages wallet addresses as a key concept to identify an actor. Such actors can initiate a signup/subscription mechanism by issuing an on-chain transaction to a service provider's wallet. At this point, we have identified two actors: the user/client/customer and the service provider. Unfortunately, while we now have a representation of the client's user id (the wallet utxo), we don't have a secret that can accompany it and be used to authenticate calls to our services. For this reason we could leverage metadata to exchange a hashed temporary (few minutes) secret, which can then be used, at network/API level, to establish an initial secure channel between parties. At this point the signup/subscription mechanism can be completed, and the result will be an NFT with the metadata required to authenticate a user.

Roadmap

  • Implement version 1 of the auth mechanism (signup and login) - Within 3 months
  • Integrate version 1 of the auth mechanism into Dandelion.Link - Within 3 months
  • Provide educational content in the form of both documents and tutorials on how to stand up and customise dandelion.link - Most of the work will be done within 6 months
  • Submit proposal for version 2 of the auth mechanism (sub accounts and Access Control List) to a future round of Catalyst
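The hashed temporary secret step from the Proposed Solution, seen from the service provider's side, as an added example (not code from the proposal or from dandelion.link). SHA-256, the `secret_sha256` metadata field, the 5-minute window and the in-memory store are assumptions; because transaction metadata is public, the secret is high-entropy, expires, is bound to the sender address and is accepted only once.

```python
import hashlib
import hmac
import secrets

SECRET_TTL_SECONDS = 300  # assumption: "few minutes" taken as 5 minutes


def new_signup_secret():
    """Client side: return (secret, metadata); only the hash goes on chain."""
    secret = secrets.token_urlsafe(32)  # 256 bits, so the public hash cannot be guessed offline
    digest = hashlib.sha256(secret.encode()).hexdigest()
    return secret, {"secret_sha256": digest}  # hypothetical metadata field name


class SignupVerifier:
    """Service-provider side: checks a secret presented at the API level."""

    def __init__(self):
        self._pending = {}  # sender address -> (digest, time the tx was seen)

    def record_signup_tx(self, sender_address, metadata, seen_at):
        """Store the hash taken from the metadata of a signup transaction."""
        self._pending[sender_address] = (metadata["secret_sha256"], seen_at)

    def verify(self, sender_address, presented_secret, now):
        """Return True once for the right secret inside the validity window."""
        entry = self._pending.get(sender_address)
        if entry is None:
            return False
        digest, seen_at = entry
        if now - seen_at > SECRET_TTL_SECONDS:
            del self._pending[sender_address]  # expired: a new signup is needed
            return False
        candidate = hashlib.sha256(presented_secret.encode()).hexdigest()
        if not hmac.compare_digest(candidate, digest):  # constant-time compare
            return False
        del self._pending[sender_address]  # single use: a replayed secret fails
        return True
```
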

References:

[0]: https://cardano.ideascale.com/a/dtd/Dandelion-Cardano-API-market/352562-48088

Success Metrics

  • Implement v1 of the actual auth feature within the first 3 months and integrate it in dandelion.link
  • Document and evangelise the approach and try to help/integrate in at least another project within 6 months
  • Use community expertise and feedback to iterate over the solution and aim to define a standard on how to implement a blockchain-friendly auth mechanism.

Cost Breakdown

  • 3000$ dev costs to implement the solution
  • 1000$ dev costs to integrate solution into dandelion.link
  • 1000$ build comprehensive documentation
  • 1000$ produce videos/tutorial on how to adopt auth framework

Definition of Success

  • Received emails from [email protected]
  • How my proposal impacts the challenge metrics
  • Broken down my budget requirements
  • Defined expected public launch date
  • How I address the challenge question
  • Submitted this proposal to only one challenge
  • Definition of success after 3, 6 and 12 months
  • Included identifying information about all proposers
