Stellar Passkeys

    Passkey generation:

      JimBob goes to the Ye Olde Guestbook dapp on his phone and clicks the “Signup” button;

      His phone asks him if he would like to create a passkey on his device to sign into and interact with the dapp;

      JimBob accepts and authenticates himself locally using the existing fingerprint biometrics stored on his phone;

      His phone generates a public key and a private key using the secp256r1 elliptic curve, which are securely tied to both his device (the phone) and the service’s domain (ye-olde-guestbook.vercel.app) — this keypair is the passkey;

      JimBob’s phone communicates with the blockchain to set up a smart wallet, registering the passkey’s public key as an authentication method for the wallet.

    Using a passkey for transaction authorization:

      JimBob wants to sign the Ye Olde Guestbook (the dapp's guestbook) on his phone using his smart wallet;

      The dapp sends a challenge to JimBob’s phone, which must be signed to authorize the action;

      JimBob verifies his identity locally by using fingerprint biometrics; the phone then accesses the private key associated with the passkey registered for that dapp and device;

      JimBob’s phone cryptographically signs the challenge using the passkey’s private key and sends the signed challenge back to the dapp (note that the private key never leaves JimBob’s device);

      The dapp adds the signed challenge to the transaction so it can be used for authentication once the transaction is submitted to the network;

      The blockchain network validates the signature using the corresponding public key registered during setup to confirm the transaction’s authenticity;

      Once verified, the transaction is processed, added to the blockchain, and JimBob can perform the action.

    Although these steps seem complex, the user experience is actually quite simple. All JimBob does is sign up for the application with his fingerprint and then verify his identity with his fingerprint again to perform the desired action. The user experience is quick and seamless without sacrificing security. JimBob might not even know he’s interacting with a blockchain.