SIWE is being migrated to SIWX. We recommend using SIWX (Sign In With X) for new implementations as it provides multichain authentication support. For existing SIWE implementations, see the migration guide.
One-Click Auth
One-Click Auth represents a key advancement within WalletConnect v2, streamlining user authentication in AppKit by letting users connect a wallet and sign a SIWE message with just one click. It supports both EIP-1271, the standard for signature validation in smart accounts, and EIP-6492, which enables signature validation for smart accounts (contracts) that are not yet deployed, allowing messages to be signed without requiring prior deployment.
Connecting a wallet, proving control of an address with an off-chain signature, and authorizing specific actions are the kinds of authorizations that can be encoded as “ReCaps”. ReCaps are permissions for a specific website or dapp that can be compactly encoded as a long string in the message you sign and translated by any wallet into a straightforward one-sentence summary. Reown uses permissions expressed as ReCaps to enable One-Click Authentication.
Installation
Configure your SIWE Client
React SIWE Example
Check the client/server React example
If you are not using our library on the server side, normalize the address with EIP-55 in the createMessage function. You can check our example for that functionality.
Server Side
Setting up a backend server using Express for a web application that interacts with the SIWE protocol.
Routes:
- GET ‘/nonce’: Generates and returns a nonce (single-use random number).
- POST ‘/verify’: Uses the SIWE protocol to verify the message, requiring a signature (the one you are going to approve through the UX) and a nonce stored in the session.
- GET ‘/session’: Retrieves the stored SIWE object from the session.
- GET ‘/signout’: Clears the session.
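The nonce handling behind the ‘/nonce’ and ‘/verify’ routes above, as an added example that is not taken from the Reown example server: it shows the checks that come before signature verification (single-use, session-bound nonce, domain binding, expiry). The function names, the plain-object session and the sample message are assumptions made for illustration, and crypto.randomBytes stands in for generateNonce().

```javascript
const crypto = require('node:crypto');

// GET /nonce: mint a nonce and bind it to the caller's session.
// (crypto.randomBytes stands in for the siwe package's generateNonce().)
function issueNonce(session) {
  session.nonce = crypto.randomBytes(16).toString('hex');
  return session.nonce;
}

// Extract the EIP-4361 fields the server has to check. Minimal parser for
// illustration; the tagged fields begin at line index 4 or later.
function parseSiweFields(message) {
  const lines = message.split('\n');
  const head = /^(?:[a-z][a-z0-9+.-]*:\/\/)?(\S+) wants you to sign in with your Ethereum account:$/.exec(lines[0]);
  if (!head || !/^0x[0-9a-fA-F]{40}$/.test(lines[1] || '')) throw new Error('malformed');
  const fields = { domain: head[1], address: lines[1] };
  for (const line of lines.slice(4)) {
    const m = /^(URI|Version|Chain ID|Nonce|Issued At|Expiration Time): (.+)$/.exec(line);
    if (m) fields[m[1]] = m[2];
  }
  return fields;
}

// POST /verify: the checks that come before signature verification.
function checkSignInFields(session, message, expectedDomain, now = new Date()) {
  const expected = session.nonce;
  session.nonce = null; // consume the nonce: pass or fail, it is never reusable
  if (!expected) return { ok: false, reason: 'no nonce issued' };
  let f;
  try { f = parseSiweFields(message); } catch { return { ok: false, reason: 'malformed message' }; }
  if (f.Nonce !== expected) return { ok: false, reason: 'nonce mismatch' };
  if (f.domain !== expectedDomain) return { ok: false, reason: 'wrong domain' };
  const exp = f['Expiration Time'];
  if (exp && !(new Date(exp) > now)) return { ok: false, reason: 'expired' };
  // The caller verifies the signature next and only then stores these values.
  return { ok: true, address: f.address, chainId: Number(f['Chain ID']) };
}

// Constructed sample message; the domain and address are made-up placeholders
// (the address is not EIP-55 checksummed).
function sampleMessage(nonce, domain = 'app.example') {
  return [`${domain} wants you to sign in with your Ethereum account:`,
    '0x' + 'ab'.repeat(20), '', 'Sign in to the example app.', '',
    `URI: https://${domain}`, 'Version: 1', 'Chain ID: 1', `Nonce: ${nonce}`,
    'Issued At: 2024-01-01T00:00:00.000Z'].join('\n');
}
```

Signature verification itself (including EIP-1271 and EIP-6492) still has to pass before the returned address and chainId are stored in the session.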
verifySignature
Verify a SIWE signature.
Initialize AppKit with your siweConfig
Add the siweConfig to your createAppKit parameters.
SIWE Config Parameters
getMessageParams () => Promise<{ domain: string, uri: string, chains: number[], statement: string }>
Parameters to create the SIWE message internally.
getNonce () => Promise<string>
The getNonce method functions as a safeguard against spoofing, akin to a CSRF token. The siwe package provides a generateNonce() helper, or you can utilize an existing CSRF token from your backend if available.
createMessage (args: SIWECreateMessageArgs) => string
The official siwe package offers a straightforward method for generating an EIP-4361-compatible message, which can subsequently be authenticated using the same package. The nonce parameter is derived from your getNonce endpoint, while the address and chainId variables are sourced from the presently connected wallet.
verifyMessage (args: SIWEVerifyMessageArgs) => Promise<boolean>
The function to ensure the message is valid, has not been tampered with, and has been appropriately signed by the wallet address.
getSession () => Promise<SIWESession | null>
The backend session should store the associated address and chainId and return it via the getSession method.
signOut () => Promise<boolean>
The user's session can be destroyed by calling signOut.
onSignIn (session?: SIWESession) => void
Callback when user signs in (Optional).
onSignOut () => void
Callback when user signs out (Optional).
signOutOnDisconnect boolean
- defaults to true