SIWW
  • Sign-in with Wallet (SIWW)
  • Specifications
    • Abstract
    • Motivation
    • Open source libraries
    • Security considerations
  • Use Cases
    • NodeJS - Backend implementation
      • 1. Setup passport-wallet
      • 2. Connect to SIWW
      • 3. Manage your authentication token
      • 4. Add authentication routes
      • 5. Code the views
      • 6. Full sample app
      • 7. Debugging and Q&A
    • ReactJS - connect to backend
      • 1. Add a login route
      • 2. Redirect the route to your backend
    • JS - Native calls to SIWW libs
      • 1. Initialize SIWW client lib
      • 2. Connect to a Wallet
      • 3. Create a message
      • 4. Send a message
      • 5. React JS App
    • Authenticating as an end-user
      • 1. Have a wallet available
      • 2. Connecting and signing
Powered by GitBook
On this page
  1. Specifications

Security considerations

End-user Privacy

End-user privacy is provided via the transfer of only the wallet public address, and a hash for the username. No private data about the user, other than those which can be found on-chain, can transit during authentication.

Wallet and relying party combined security

The relying party (in our case SignWithWallet.com) implement this specification for improved security to the end-user. Specifically, the wallet displays the domain for which authentication is required, and the relying party validates the wallet signature server side before authorizing the authentication.

Encryption

SIWW is making use of encryption when storing in-browser client side data.

PreviousOpen source librariesNextNodeJS - Backend implementation

Last updated 1 year ago