You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The connection establishment flow with dApps implementing the sign in is fragile without implementing SIWE. SIWE allows the user to easily authenticate
Sign-In with Ethereum describes how Ethereum accounts authenticate with off-chain services by signing a standard message format parameterized by scope, session details, and security mechanisms (e.g., a nonce). The goals of this specification are to provide a self-custodied alternative to centralized identity providers, improve interoperability across off-chain services for Ethereum-based authentication, and provide wallet vendors a consistent machine-readable message format to achieve improved user experiences and consent management.
Replacing centralised standards: Replaces eg entering a phone number and receiving a code via text to prove you own/ have access to that phone number. Connecting is similar to entering the phone number. Signing is similar to entering the confirmation code you received on that number. In the sign in case, the way to do it is by generating a cryptographic nonce for you to sign with your private key. That signature proves without a doubt that you are indeed the owner of your wallet.
Notes
SIWE enables users to easily sign in to dApps by authenticating with their wallet.
The plan is to support SIWE standard message format as specified in ERC-4361. When the dApp prompts a user to sign a message that follows the SIWE format, we should parse the message and give the user this human readable dialog to sign into the dApp.
Not just for Ethereum - work with L2s and other EVM-compatible chains
Spruce leads it’s development (🔗 article from Spruce)
SSX enables developers to configure the fields of their SIWE message using the siweConfig option. This option allows you to overwrite the fields found in the SIWE message
Request expiry parameter recently added by WC to allow dApps to extend the previously hardcoded 5min window: 🔗 WC github feat: optional request expiry #1851
Added an optional expiry parameter to session requests where a number between 300 & 604800 seconds (5 minutes min - 7 days max) can be specified to extend a request timeout
Content
Details
Add SIWE to sign-in via Wallet Connect
UI tasks:
Integration tasks:
Bugs:
Abstract
Sign-In with Ethereum describes how Ethereum accounts authenticate with off-chain services by signing a standard message format parameterized by scope, session details, and security mechanisms (e.g., a nonce). The goals of this specification are to provide a self-custodied alternative to centralized identity providers, improve interoperability across off-chain services for Ethereum-based authentication, and provide wallet vendors a consistent machine-readable message format to achieve improved user experiences and consent management.
Replacing centralised standards: Replaces eg entering a phone number and receiving a code via text to prove you own/ have access to that phone number. Connecting is similar to entering the phone number. Signing is similar to entering the confirmation code you received on that number. In the sign in case, the way to do it is by generating a cryptographic nonce for you to sign with your private key. That signature proves without a doubt that you are indeed the owner of your wallet.
Notes
SIWE enables users to easily sign in to dApps by authenticating with their wallet.
The plan is to support SIWE standard message format as specified in ERC-4361. When the dApp prompts a user to sign a message that follows the SIWE format, we should parse the message and give the user this human readable dialog to sign into the dApp.
Not just for Ethereum - work with L2s and other EVM-compatible chains
Spruce leads it’s development (🔗 article from Spruce)
SSX enables developers to configure the fields of their SIWE message using the
siweConfigoption. This option allows you to overwrite the fields found in the SIWE messageUseful links
🔗 Figma
🔗 ERC-4361: Sign-In with Ethereum
🔗 SIWE (MetaMask article)
🔗 SIWE (MetaMask dev)
🔗 ERC-4361: Sign-In with Ethereum
🔗 Wallet connect One-click authentication
Ensure Wallet Connect complies with EIP and WC standards in terms of API implementations
UI tasks:
Integration tasks:
Bugs:
Useful links
https://docs.walletconnect.com/walletkit/best-practices
Fix transaction issues
Bugs:
Sign and transaction request expiration
UI tasks:
Integration tasks:
Bugs:
Notes
Notes for development
Request expiry parameter recently added by WC to allow dApps to extend the previously hardcoded 5min window: 🔗 WC github feat: optional request expiry #1851
Added an optional expiry parameter to session requests where a number between 300 & 604800 seconds (5 minutes min - 7 days max) can be specified to extend a request timeout
Useful links
🔗 Figma
Release preparations
The text was updated successfully, but these errors were encountered: