How Nickel-Auth Works

Nickel-Auth is a secure authentication mechanism designed to work seamlessly with the Cobalt API app and Apple’s App Attest framework. Below is a technical explanation of how the system operates:


1. Workflow Overview

  1. Nickel App requests a challenge from the Nickel-Auth Server.

  2. Nickel-Auth Server generates a unique challenge and returns it to the app.

  3. Nickel App uses Apple’s App Attest framework to generate an attestation using the received challenge.

  4. Nickel App sends the attestation to the Nickel-Auth server for validation.

  5. Nickel-Auth Server validates the attestation. If valid, it generates a temporary authentication key for the user.

  6. Nickel App uses the authentication key to request a video download from the server.

  7. Nickel-Auth Server validates the authentication key, then forwards the request to the Cobalt API server.

  8. Cobalt API Server processes the request and returns a download/tunnel URL to the Nickel-Auth Server.

  9. Nickel-Auth Server relays the download/tunnel URL back to the Nickel App.

  10. Nickel App uses the provided URL to download the video directly to the device.
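The server side of steps 2, 5 and 7 can be sketched as follows; this is an added example, not Nickel-Auth's own code, showing a challenge that can be redeemed only once and a temporary key that is checked for integrity and expiry before a request is forwarded. The function names, the TTL values, the HMAC key format and the attestation_ok flag (standing in for the result of App Attest verification, which is not implemented here) are all assumptions.

```python
import hashlib, hmac, secrets, time

CHALLENGE_TTL = 60                        # seconds a challenge stays valid (assumed)
KEY_TTL = 300                             # lifetime of the temporary key (assumed)
SERVER_SECRET = secrets.token_bytes(32)   # per-process signing secret (assumed)
_pending = {}                             # outstanding challenge -> expiry time

def issue_challenge(now=None):
    """Step 2: hand out an unpredictable challenge and remember when it expires."""
    now = time.time() if now is None else now
    challenge = secrets.token_urlsafe(32)
    _pending[challenge] = now + CHALLENGE_TTL
    return challenge

def redeem_challenge(challenge, now=None):
    """A challenge is accepted once; pop() removes it so a replay fails."""
    now = time.time() if now is None else now
    expiry = _pending.pop(challenge, None)
    return expiry is not None and now <= expiry

def issue_auth_key(challenge, attestation_ok, now=None):
    """Step 5: mint a key only for a fresh challenge and a valid attestation.
    attestation_ok is a hypothetical input: the App Attest verification result."""
    now = time.time() if now is None else now
    # The challenge is consumed first, so a failed attestation also burns it.
    if not redeem_challenge(challenge, now) or not attestation_ok:
        return None
    payload = f"{secrets.token_hex(8)}.{int(now) + KEY_TTL}"
    tag = hmac.new(SERVER_SECRET, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{tag}"

def validate_auth_key(key, now=None):
    """Step 7: verify the tag and expiry before forwarding to the Cobalt API."""
    now = time.time() if now is None else now
    try:
        nonce, expires, tag = key.split(".")
        deadline = int(expires)
    except (AttributeError, ValueError):
        return False                      # missing or malformed key
    expected = hmac.new(SERVER_SECRET, f"{nonce}.{expires}".encode(),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(tag.encode(), expected.encode()) and now <= deadline
```
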


2. Why Nickel-Auth

  • Turnstile Not Available for Swift: Nickel-Auth was developed as a secure alternative to traditional Turnstile authentication, which is not natively supported in Swift.


For further technical details or support, please contact me at [email protected].