Sure! It uses the NEAR blockchain to get a chain signature based on the email address extracted from the token. The email is extracted from the unsigned token message that is sent to the smart contract along with a zero-knowledge proof of the signature. The smart contract verifies the proof and then signs the user's payload, using the email address and aud in the derivation path in the call to NEAR chain signatures.
At this stage, yes, but I'll be adding the ability to add a public key to your account on the smart contract and also to deauthorize the proofs if you want complete custody. We can make the journey to full custody more gradual to improve UX.