From 977e48fda20a572105624f528f2ee60c27939a65 Mon Sep 17 00:00:00 2001 From: Michael Feher Date: Wed, 24 Apr 2024 12:22:03 -0400 Subject: [PATCH] docs: add decision --- .decisions/4-Fido-Extension.md | 51 ++++++++++++++++++++++++++++++++++ .decisions/README.md | 2 ++ 2 files changed, 53 insertions(+) create mode 100644 .decisions/4-Fido-Extension.md diff --git a/.decisions/4-Fido-Extension.md b/.decisions/4-Fido-Extension.md new file mode 100644 index 0000000..78a0bf0 --- /dev/null +++ b/.decisions/4-Fido-Extension.md 
@@ -0,0 +1,51 @@ +# Overview + +Deprecate ARC-31/Arbitrary Auth Message in favor of custom FIDO2 extension + +## Decisions + +- Remove connect module and endpoints +- Use FIDO2 Attestation/Assertions for device linking + +## Implementation + +```mermaid +sequenceDiagram + participant Website + participant Server + participant Wallet + Note over Website, Wallet: Link devices + Website->>Server: Subscribe to 'wss:link' + Website-->>Website: Display QR Connect Request ID + Wallet->>Website: Scan QR Code + Server-->>Wallet: Get Challenge/Options + Wallet->>Server: POST FIDO2 Credential + Liquid Auth Signature + Server-->>Server: Validate Signatures + Server-->>Website: HTTPOnly Session + Server->>Wallet: Ok Response + HTTPOnly Session + Server->>Website: Emit to `wss:link` client + Note over Website, Wallet: Signaling Channels + Website-->>Server: Subscribe to 'wss:offer-description' + Website-->>Server: Subscribe to 'wss:offer-candidate' + Wallet-->>Server: Subscribe to 'wss:answer-description' + Wallet-->>Server: Subscribe to 'wss:answer-candidate' + + Note over Website, Wallet: Peer Offer + Wallet-->>Wallet: On answer-description, set Remote SDP + Wallet-->>Wallet: On answer-candidate, add ICE Candidate + Wallet-->>Wallet: Create Peer Offer & DataChannel + Wallet-->>Server: Emit `wss:offer-description` + Wallet-->>Server: Emit `wss:offer-candidate` + + Note over Website, Wallet: Peer Answer + Website-->>Website: On offer-description, set Remote SDP and create Answer + Website-->>Website: On offer-candidate, add ICE Candidate + Website-->>Server: Emit `wss:answer-description` + Website-->>Server: Emit `wss:answer-candidate` + + Note over Website, Wallet: Data Channel + Website-->>Wallet: On DataChannel, Emit Messages + +``` + +*Note: It may be possible to handle signaling in a fully decentralized manner in the future. diff --git a/.decisions/README.md b/.decisions/README.md index 9687e1d..b07bf89 100644 --- a/.decisions/README.md +++ b/.decisions/README.md 
@@ -2,3 +2,5 @@ - [1. Service Authentication](1-Service-Authentication.md) - [2. Bidirectional-Communications](2-Bidirectional-Communication.md) +- [3. Peer-to-Peer-Signaling](3-Peer-to-Peer-Signaling.md) +- [4. Fido-Extension](4-Fido-Extension.md)
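Review bot: In the new `4-Fido-Extension.md`, the link flow never shows the `Connect Request ID` from the QR code being bound into the FIDO2 challenge: `Wallet->>Website: Scan QR Code` is followed by `Server-->>Wallet: Get Challenge/Options` and `Wallet->>Server: POST FIDO2 Credential + Liquid Auth Signature`, but nothing states that the challenge (or the payload the wallet signs) carries that request ID, which is what the server needs in order to know which `wss:link` subscriber a valid assertion belongs to before it emits to that client and hands out an HTTPOnly session. Please add a sentence making that binding explicit, and note that the request ID should be single-use and unguessable since it is displayed in the open. Separately, the Overview deprecates ARC-31 "in favor of custom FIDO2 extension", yet neither the Decisions nor the Implementation section names the extension, its identifier, its inputs/outputs, or what the "Liquid Auth Signature" signs and with which key; as written the decision is not implementable from this document, so a short section defining the extension and the signature format (what is signed, what key, how it is verified at `Server-->>Server: Validate Signatures`) belongs here.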
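Review bot: The README hunk adds `- [3. Peer-to-Peer-Signaling](3-Peer-to-Peer-Signaling.md)`, but the patch header lists only `4-Fido-Extension.md` and `README.md` as changed, so either that file already exists in the tree and was merely missing from the index, or the link is dangling; please confirm which, and if it is the former, say so in the commit message, which currently reads `docs: add decision` for a change that adds two index entries. While here, the unchanged context line displays `Bidirectional-Communications` but links to `2-Bidirectional-Communication.md`; the link text and filename should agree.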