DirectAuth creates a unique Tezos wallet for each of your OAuth accounts. It is powered by an open-source and non-custodial key management system.
When you login with your OAuth account, a proof of the authentication (id token) is sent to the Torus Network. Each node in the BFT network then verifies the proof and replies with a share (Shamir's Secret Sharing), allowing the private key to be reconstructed on the client-side. The operating members of the blockchain agnostic Torus Network selected are trusted and proven ecosystem and industry stakeholders.
Keys are generated using distributed key generation and tied to an OAuth login. The only way to access your private keys are through your OAuth provider. Therefore, make sure to keep your account safe with a strong password and look over your recovery options. For Google accounts you can also enable 2FA for an extra layer of security for your wallet.