Degree
Master of Science in Computer Science
Department
Department of Computer Science
School
School of Mathematics and Computer Science (SMCS)
Date of Submission
Spring 2026
Supervisor
Dr. Farhan Ahmed Siddiqui, Visiting Faculty, Department of Computer Science
Keywords
Single Sign-On, decentralized identity, MetaMask, Ethereum Sepolia, blockchain, JWT, Supabase, privacy-preserving authentication
Abstract
Single Sign-On (SSO) simplifies user access by allowing a person to authenticate once and reuse that identity across multiple applications. In most commercial systems, however, SSO depends on a centralized identity provider that stores credentials, controls profile attributes, maintains sessions, and becomes the dominant trust authority for every connected application. This research project presents a hybrid decentralized identity provider for privacy-preserving SSO. The implemented system replaces password login with MetaMask wallet signatures, encrypts user profile fields before off-chain storage in Supabase, anchors wallet-linked identity references on Ethereum Sepolia through a Solidity smart contract, and issues signed JWT callbacks for two relying web applications deployed on Vercel. The central contribution is architectural rather than ideological: the prototype demonstrates that decentralized trust and ordinary web usability do not have to be mutually exclusive. Blockchain is used selectively as a tamper-resistant trust anchor, while routine authentication is handled off-chain through nonce signing, provider sessions, and short-lived tokens. This design avoids per-login gas cost, preserves browser-grade responsiveness, and still reduces provider control over identity ownership. End-to-end testing on the live deployment confirms successful wallet registration, nonce verification, encrypted profile handling, blockchain synchronization, token callback delivery, and SSO session reuse across the Faculty Portal and Student Services applications. The project therefore provides a practical blueprint for privacy-aware, wallet-based SSO under realistic academic and industry constraints.
Document Type
Restricted Access
Submission Type
Research Project
Recommended Citation
Rehman, Asad U.. "Hybrid decentralized identity provider for privacy-preserving single sign-on." Unpublished graduate research project. Institute of Business Administration. 2026. https://ir.iba.edu.pk/research-projects-mscs/71
The full text of this document is only accessible to authorized users.
