# Security considerations

**End-user Privacy**

End-user privacy is provided via the transfer of only the wallet public address, and a hash for the username. No private data about the user, other than those which can be found on-chain, can transit during authentication.

**Wallet and relying party combined security**

The relying party (in our case SignWithWallet.com) implement this specification for improved security to the end-user. Specifically, the wallet displays the `domain` for which authentication is required, and the relying party validates the wallet signature server side before authorizing the authentication.

**Encryption**

SIWW is making use of encryption when storing in-browser client side data.