There are several restrictions. Some integrations are possible (eg. native support, Chrome extensions), whereas others are not (eg. using Torus wallet in a server context). Right now, we only have browser based support.
Using it directly in NodeJS via require will not work since the SDK relies on browser capabilities like service workers and window.open.
Instead of setting a high CSS z-index, which can be quite annoying, we choose to let Vuetify take care of this. If you find that you are still facing a problem, you can add CSS for the selector "#torusIframe" to set the z-index yourself.
Chrome, Edge, Firefox, Brave, Safari and other major browsers. IE and private browsing in Safari are not supported. On browsers that don't support ancestorOrigins (eg. Firefox), we make use of the document.referrer, so you will have to ensure that your app is served with an appropriate Referrer-Policy.
You might be running on non-secure domains, which don't have window.crypto enabled. Try loading your site over https or localhost.
The Torus Wallet relies on many browser-specific technologies which differ in implementation. We try to make the Torus Wallet compatible with as many browsers as possible, but browser updates can change some of these behaviours. If your dapp isn't working in a specific browser, please check out the issues here to see if it has already been raised or resolved.
Torus splits a user’s private keys into shares across a network of nodes, and allows a user to retrieve this using natural login mechanisms like social authentication. You need access to more than half of the shares to reconstruct the private key.
Our nodes have managed volumes and snapshot policies to ensure that key shares are not lost. We also have coverage that extends to key loss due to technical failures.
By default, the SDK always fetches the latest version of the website, so if there are new features within the website, it is automatically available when the website is updated. You can turn this off by specifying integrityParams in the initialization.
However, if there are new features in the SDK you'll need to update the SDK to get the new features. The SDK cannot update itself automatically.
No, the initial login only requests for the minimal public information, which you can see during the OAuth popup screen by the 3rd-party provider. The purpose of the login is only for verification of your identity, not for access to your personal information.
We log you out of your 3rd-party account immediately after your identity is verified. The only information that is accessible to these 3rd-party login providers is that you were logged in (and logged out) with Torus.
It is definitely possible but keeping the user logged in for just that session gives better privacy guarantees for users. There is no easy way for Torus to ensure that users are logged out by the DApp, so we opted to keep user sessions self contained.
Most Oauth providers already solve this problem by auto-approving the login request if the user logged in recently, and it may not even require user interaction. For example, for Facebook login, users do not even need to click anything if they have recently logged in.
2 points make a line right? Draw a straight line and write down the coordinates of 3 points. Erase the line.
You now need at least 2 out of 3 of the points are required to reconstruct the line.
This is a 2/3 Shamir secret sharing of the original line.
We are currently running the network as a permissioned network, so there is a whitelist process, please reach out at email@example.com.