[randomhodler84]

Ok now how do I do it with storage in some eternal way that doesn’t required a trusted third party. And not having to maintain any kind of session or user state mapping between my app and the oauth2 or saml provider.

Ya know, about 14 years ago something happened where we could maintain these eternal data structures with rules around state mutation. Humanity is only learning the power of such structures a decade later. There are very much unique problems being solved here and you are missing the dark forest for the legacy trees.

[finfinfin]

So how does the service authenticate the user?

User installs a browser extension (wallet) that is created by a third party that they have to trust unconditionally?

Is that what the promised land of zero trust is about? Trusting a 3rd party with all your finances?

[TimJRobinson]

The user can read the source code of a wallet and they know it's never going to change on them or have a service block them, and there are many options available which they can switch between at any time.

It's about user empowerment and not letting other entities have any control over any aspect of it.

[finfinfin]

Who is your theoretical empowered user? A CS major?