Rethinking WebAuthn : Can We Decentralize webauthn for using this with edge computing

[dipghoshraj]

Hi, I would like to reimagine the webauthn and how it works with a centralized authority for trust. Which makes it difficult for edge devices or offline first application for the authenticating. I am working on some Hypothesis.

💡 The Hypothesis: What If WebAuthn Was Peer-to-Peer?

What if instead of relying on trusted authorities to attest a key, we used:

• Local devices verifying each other
• Trust relationships built through proximity or prior connections
• Decentralized key discovery and revocation

This might violate some of the core principles of webauthn, but to make it for the future, we may need to break some of the rules.

🔄 The Shift: Trust in a Decentralized Atmosphere

I am checking out some of the new areas for solutions

• Uses libp2p to form a local identity mesh
• Allows devices to verify each other using cryptographic keys
• A trust graph system is used to establish whom to trust.

While these plans are at the early conceptual stage. I am looking out for some valuable feedback from the community.