Sign In With Ethereum (SIWE)
A specification that leverages Ethereum signatures to perform authentication
Specification (see spec)
The SIWE specification is rather simple. It describes a message format that a user signs with their keys in order to sign in. The message MUST include a subject, a nonce, and a timestamp. These parameters prevent replay attacks, cross-site usage, and more, all while keeping the message very human-readable.
An example payload looks like the following:
localhost wants you to sign in with your Ethereum account:
0x225f137127d9067788314bc7fcc1f36746a3c3B5
This is a test statement.
URI: https://localhost/login
Version: 1
Chain ID: 1
Nonce: abcdef1234567890
Issued At: 2023-01-30T00:00:00.000Z
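The following is an added example, not part of the original page and not SpruceID's code: it parses the fields shown in the payload above and applies the server-side checks that make the nonce, timestamp and domain useful against replay and cross-site use. The names parseSiwe, checkSiwe, issuedNonces and maxAgeMs are hypothetical, and signature recovery is assumed to be done separately by a SIWE library.

```javascript
// Added example (hypothetical helper names). Field checks only: recovering the
// signer from the signature is left to a SIWE library and is not shown here.
const SAMPLE = [ // constructed from the payload above; blank lines per EIP-4361 layout
  'localhost wants you to sign in with your Ethereum account:',
  '0x225f137127d9067788314bc7fcc1f36746a3c3B5',
  '',
  'This is a test statement.',
  '',
  'URI: https://localhost/login',
  'Version: 1',
  'Chain ID: 1',
  'Nonce: abcdef1234567890',
  'Issued At: 2023-01-30T00:00:00.000Z',
].join('\n');

function parseSiwe(text) {
  const lines = text.split('\n');
  const head = /^(\S+) wants you to sign in with your Ethereum account:$/.exec(lines[0] || '');
  if (!head) throw new Error('bad header');
  const address = lines[1] || '';
  if (!/^0x[0-9a-fA-F]{40}$/.test(address)) throw new Error('bad address');
  const fields = {};
  for (const line of lines.slice(2)) {
    const m = /^(URI|Version|Chain ID|Nonce|Issued At): (.+)$/.exec(line);
    if (!m) continue; // statement or blank line
    if (m[1] in fields) throw new Error('duplicate ' + m[1]); // ambiguous message
    fields[m[1]] = m[2];
  }
  for (const k of ['URI', 'Version', 'Chain ID', 'Nonce', 'Issued At'])
    if (!(k in fields)) throw new Error('missing ' + k);
  return { domain: head[1], address, ...fields };
}

// issuedNonces: Set of nonces this server handed out and has not yet consumed.
function checkSiwe(text, { domain, issuedNonces, now, maxAgeMs }) {
  const msg = parseSiwe(text);
  if (msg.domain !== domain) return 'domain mismatch'; // cross-site use
  if (new URL(msg.URI).host !== domain) return 'uri mismatch';
  const issued = Date.parse(msg['Issued At']);
  if (Number.isNaN(issued) || issued > now || now - issued > maxAgeMs)
    return 'stale or invalid timestamp';
  if (!issuedNonces.delete(msg.Nonce)) return 'unknown or reused nonce'; // replay
  return 'ok';
}
```

The nonce is consumed only after the other checks pass, so a second submission of the same signed message is rejected even inside the timestamp window.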
Implementations
The team at SpruceID has done a phenomenal job writing plug-and-play utilities that let you easily integrate Ethereum-based authentication into your project, whether you are using Next.js, React, or OpenID Connect.
In addition to the above, SIWE has been integrated into ConnectKit and more.