How to a implement a custom Safe Authenticator for Rust Desktop App

After reading the Safe Networks 2021 Primer, I convince to start develop on the network. I have setup the testnet from the safe_networks repository with the help of @bzee and I have also tried interacting with the network using the safe cli.

While designing the user flow for the app, I discovered that the use of a separate app Safe Authenticator to authorise access to their data on my app will not be that of a pleasant experience. This might lead to a user who do not understand the benefit of using the Safe Authenticator total abandon my app before even trying it out.

I will like to develop an app that is highly user friendly, where the user can accomplish all task on a single app. This will require me to implement a custom authenticator in my app that allows users to create a safe account, get authorisation request and more.

I need help with how to implement a custom Safe Authenticator in Rust. I need directions to the right API to use and if possible a guide on best approach to implementing my custom authenticator.


At the moment authentication technically isn’t much more than a keypair. Currently, there isn’t much focus yet on the UX side of things regarding apps and authentication.

At the moment, I would suggest skipping the authentication part until more becomes clear on how the ecosystem will look. It used to be that the authenticator was a daemon that had an IPC interface and allowed users to manage permissions to apps. If you make a custom authenticator, it wouldn’t have the same trust anyway as an official authenticator. You might as well right away accept the credentials of the user. If you were a bad actor, you could expose those credentials, so it’s up to the user to trust your app with their credentials.

If I may ask, where did you read about the authenticator?


Thanks for your reply.

I understand the importance of an independent authenticator, it’s use will require me as an app developer to invest time and educational resources to educate users on how and why to use the Safe authenticator before they can interact with my app.

I read about the authenticator for link I found on the Save Dev website and on the sn_api repository.

1 Like

I think your concern is understandable but may not be justified. Users will come to Safe Network by various routes, but almost all will need to use the Safe Network App (SNApp) / Mobile Authenticator to manage authentication, data sharing and access permissions, and app permissions. So it will be a standard feature on all devices of SN users which they will quickly be familiar with.

When an app needs access to something, SNapp / Authenticator will be the UI which the user sees and interacts with, so I think it will be unnecessary and counter productive for you to replicate some of its functionality just for your app.

Better for you to introduce SNapp / Authenticator to the few users of your so who don’t know about it yet, and to benefit from the familiarity many will already have with SNapp before they come to your app. Like the permissions UI on Android, SNapp will be familiar to all and apps which bypass out will seem out of step.

1 Like

Thanks for your reply. I do understand and will include educating user on the safe net as part of my on-boarding process.

1 Like

Agreed. In a world where Safe is successful, a Safe account will mean the world to someone. Entering the credentials to your Safe will be something someone doesn’t do lightly. The authenticator should probably be a single program made by MaidSafe, that the user knows and trusts fully. An educated user will not trust any third-party authenticator, or recognize that an app tries to bypass the authenticator by accepting the credentials in-app. Entering credentials in multiple places either causes user-fatigue or a scenario where only technically inclined users will know how to navigate the landscape in a secure and safe way.

1 Like

I respect, appreciate and thank the MaidSafe team for the vision and the work they are putting in to make a safe internet. But I will ask the team to forgive my curious thoughts and opinions on having a single safe network app by a single team.

I believe having a universal safe network app doesn’t promote diversity, competition and flexibility. The idea of allowing a single safe network app for the entire network raise questions like:

  • What happens when there are other developers who can design and engineer an open sourced and secure safe network app with the same functionalities, a better or a customised user experience and a better performance?
  • Is it not a point-of-failure if the MaidSafe team is attacked or engineers from the team decides to go rogue?

These and a couple of other reasons are why there will be a need for custom Safe Network Apps with a touch of uniqueness. There is a need to understand that the centralisation of functionalities presents a higher risk and will likely lead to road blocks as humans are highly dynamic in taste and will always yearn for peculiarities.

I believe we could have multiple secure Safe Network Apps with unique features and experiences just as MetaMask, and Exodus are all wallets used in signing Etherum transactions.

We could and in time I think that’s a good thing (like F-Droid et al for phone app stores) but we shouldn’t encourage developers to put authentication into every app, and users need to be educated about the importance of a trusted authentication app, which in the early days will be from MaidSafe (and always open source).

1 Like

I am glad you acknowledged it’s a good thing. I understand it safer for users to use a trusted authentication app mostly at the earlier stages. Now I know it’s allowed if the need be.

Thank you

1 Like

Sorry if I gave the wrong impression. Besides that I am not part of MaidSafe, the view I gave wasn’t supposed to be the ultimate, only and lasting truth.

Your post gave me the impression you wanted to build the authenticator as part of your app, which I don’t quite see fit for the reasons I mentioned. But yes, I take back my wording that it “probably should be single program made by MaidSafe.” I would agree with @happybeing that it might apply in the foreseeable future though. If MaidSafe makes an authenticator that is as solid as, say, Electrum, then I don’t see a lot of reasons for many competing authenticators.


I was initially thinking about making a folk of the safe browser, customise it’s interface and implementing an authenticator directly on it.

This I think will enable users use my folk safe browser as browser and an authenticator. Hereby removing the extra user flows involved in authenticating with a separate app.

This way I and my friends can confidently develop web apps know that our users will only have to download the browser with a built-in authenticator.

I believe initial flow would be:

  1. Download Safe Browser
  2. Download Safe Network App
  3. Access Web App through the Safe Browser
  4. Open Safe Network App
  5. Authorise Safe Browser
  6. Open Safe Browser to Confirm Success

But with my proposed folk:

  1. Download Folk Safe Browser
  2. Access Web App through the Folk Safe Browser
  3. Authorise App
1 Like

Hailing @JimCollinson!

I am not sure where I picked this up, but I remember ideas about the browser integrating the authenticator. Exactly for the flow you describe. (Perhaps with conversations with @joshuef?)

Thanks for outlining your thoughts on this, @GTime! It’s been a while since the authenticator was talked about regularly, so with the next iteration perhaps different choices will be made.


I am glad I did. I think is will be dope if the browser can also authenticate.

1 Like

For most part of yesterday evening and this morning I have been go through the MaidSafe Repos to find an api for Safe authenticator. The closest I could find are sn_api/authenticator and safe_network/sn_api/authenticator which are basically same thing with all there implementations commented out.

Can anyone direct me to where I can find an exact working API for the authenticator?

The sn_api repository should have been archived. All development is now found in the safe_network` repository. The current state of the authenticator is ‘unimplemented’.

What you have read isn’t outdated per se though. It’s just that currently all efforts are directed at getting the APIs to work. Hopefully we will see more attention coming to the UX/app story this year. I think my advice from my first reply is relevant here:

Okay Thanks

I’m also interested in this,

basically as a simple way for a JS dev to make example apps. I asked about this on the other forum, but here it is again in a better thought-out sentence:

“What would be the easiest route for a mainly JS/web focused developer be able to make test MAIDsafe apps, today?”

I see that there is old software on Github like Safe-Browsers. Could these be used offline? Run a local node and local instance of Authenticator?

I would rather not have to learn Rust to tinker with MAIDsafe technology. And like I said on the other forum, am happy to rewrite my apps later.

But I want to play around and make web based apps now… if possible

I’d even be willing to pay someone (a bit) for their time, in helping me set this up

At this stage it is CLI only, the browser is yet to be updated

So not today unfortunately (or relatively soon)

This topic was automatically closed after 60 days. New replies are no longer allowed.