| This neglects a few pretty fundamental problems. First, it only works for APIs where a user is present. This doesn't work for APIs where your server is the client. Otherwise there's nobody to visit the "payment URL" that the author describes. If you did this on the server, you need to share the keys with all the machines in your fleet (so each machine doesn't get a payment URL when it boots), which feels just like an API key. And if the payment URL could be completed programmatically, it requires the server to provide a value given to you by the API vendor to note your identity as they understand it, which feels exactly like a bearer token. But this is just OAuth in reverse. Instead of authing and getting a token, you generate a key and then auth. Either way you need to store a sensitive value. It's questionable where there's material benefit to not sending a bearer token over the wire (TLS works well). Another problem is key management. Where in the flow do I tell the API what my device is? "This is my Pixel 9 Pro" isn't going to be a thing I'd expect to answer when going through the payment URL. So now I've got a public key registered and I lost my phone. I have to log into this API and tell them "yeah don't trust that key anymore." Which one? I suspect the best ux you can do is to just show the last time a key was used, which is unhelpful for users with multiple devices. The B2B2C note at the bottom is just clown shoes. The servers simply aren't authing to each other (the payment URL has to go to the end user), as I noted above. And if a user needs to auth to every back and API that the app uses, that's kind of wild. Yes, you can do clever things with ZKPs but you can't solve the real UX problems here with more crypto. And that's assuming that all the back end APIs you're using fully support this scheme. The last problem is an issue with invalidating key material. If I log into the vendor and say "My device was imaged while going through customs, don't trust this public key anymore", the server needs to remember that key forever to know that it's banned. You can't just delete the key. Consider: I mark the key as invalidated, then open my phone and use the app. It sends the bad key, which isn't recognized. I go through the payment URL and re-auth. That key is now active again on both my device and the image that was taken going through customs. The only way to avoid this is for every key ever used is remembered until the end of time. If someone tries to use an invalid key, a separate response needs to be sent telling them the key is no longer allowed and to create a new one. Without that, the device can't possibly know if the user didn't auth in the payment URL yet, or if they authed and the key was invalidated (and a new one should be created). |