Sign-in with Ethereum: A decentralized alternative to traditional SSO
May 16th, 2023

As blockchain technology and its applications continue to grow, new and innovative use cases will emerge. One such use case is “Sign-in with Ethereum” (SIWE), a decentralized authentication system that utilizes the Ethereum blockchain to authenticate users without needing a centralized identity provider.

Using SIWE, users can sign in to websites and applications without relying on authentication methods such as Single sign-on (SSO) or username and password credentials. In this blog post, we will explore how “Sign-in with Ethereum” works, its potential advantages and disadvantages, and how it compares to traditional SSO.

“Connect wallet” vs “Sign-in with Ethereum”

First, what is the difference between “Connect wallet” and “Sign-in with Ethereum”?

Connecting a wallet to an application doesn’t do all that much. It gives your wallet’s public address to the application. This way the application can view your balances and previous actions and can request actions that you, as a user, need to manually accept. After you close your browser or disconnect your wallet the application remembers nothing about you.

Nowadays web3 applications and their users want richer interactions, such as loading preferences or private data. For these interactions, the application needs to ensure it is talking to the actual keyholder behind the account, and not someone just pretending to control the account. “Connect wallet” does not provide this guarantee, but SIWE does.

“Connect wallet” vs “Sign-in with Ethereum” — spruceid.com

Once a user authenticates himself with SIWE, the application will be able to save his information. Even if the wallet disconnects and the user has to authenticate again, the application will still remember him.

How does “Sign-in with Ethereum” work?

“Sign-in with Ethereum” works using a digital signature flow.

When a user wants to log in to an application that supports SIWE, the application requests a digital signature from the user’s Ethereum wallet. The user then provides the signature using his private key, and the application verifies this signature using the user’s public key.

If the signature is valid, the website or application grants the user access, and the signature is published as a transaction on the Ethereum blockchain. This ensures that the authentication process is secure and immutable, as any attempts to tamper with the signature or authentication data will be reflected on the blockchain.
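As an added example (not code from the original post or from the SIWE project), the code below parses the sign-in message that the wallet is asked to sign, using the EIP-4361 text layout, and applies the checks a server makes alongside signature verification: domain, chain, nonce and validity window. It goes beyond the flow described above. The domain `app.example`, the address and the nonce are constructed, and recovering the signer's address from the signature is assumed to be handled by a wallet library and is not shown.

```javascript
// Added example, not from the original post. Message layout follows EIP-4361;
// signature recovery is assumed to be done separately by a wallet library.
const HEADER = " wants you to sign in with your Ethereum account:";
const FIELDS = [ // [tag in message, key in result, required], in spec order
  ["URI", "uri", true], ["Version", "version", true], ["Chain ID", "chainId", true],
  ["Nonce", "nonce", true], ["Issued At", "issuedAt", true],
  ["Expiration Time", "expirationTime", false], ["Not Before", "notBefore", false],
  ["Request ID", "requestId", false]];

function parseSiweMessage(text) {
  const lines = text.split("\n");
  if (!lines[0].endsWith(HEADER)) throw new Error("not a SIWE message");
  const msg = { domain: lines[0].slice(0, -HEADER.length), address: lines[1] || "" };
  if (!/^0x[0-9a-fA-F]{40}$/.test(msg.address)) throw new Error("bad address");
  if (lines[2] !== "") throw new Error("missing blank line after address");
  let i = 3;
  // Optional one-line statement, taken by position so it cannot pose as a field.
  if (lines[i] !== undefined && lines[i] !== "") msg.statement = lines[i++];
  if (lines[i++] !== "") throw new Error("missing blank line before fields");
  for (const [tag, key, required] of FIELDS) {
    const line = lines[i] || "", prefix = tag + ": ";
    if (line.startsWith(prefix)) { msg[key] = line.slice(prefix.length); i++; }
    else if (required) throw new Error("missing field: " + tag);
  }
  if (lines[i] === "Resources:") msg.resources = lines.slice(i + 1).map((l) => l.replace(/^- /, ""));
  else if (i < lines.length) throw new Error("unexpected line: " + lines[i]);
  return msg;
}

// Checks a relying party applies to the parsed message before accepting a login.
function checkSiweMessage(text, expected, now) {
  const msg = parseSiweMessage(text);
  const problems = [];
  if (msg.domain !== expected.domain) problems.push("domain mismatch");
  if (msg.version !== "1") problems.push("unsupported version");
  if (msg.chainId !== String(expected.chainId)) problems.push("chain mismatch");
  if (msg.nonce !== expected.nonce) problems.push("nonce mismatch");
  if (msg.expirationTime && new Date(msg.expirationTime) <= now) problems.push("expired");
  if (msg.notBefore && new Date(msg.notBefore) > now) problems.push("not yet valid");
  return problems;
}

// Constructed sample: domain, address and nonce are made up for illustration.
const SAMPLE = ["app.example" + HEADER, "0x1111111111111111111111111111111111111111", "",
  "Sign in to the example app.", "",
  "URI: https://app.example/login", "Version: 1", "Chain ID: 1", "Nonce: k3Jq9xTz0aPw",
  "Issued At: 2023-05-16T10:00:00Z", "Expiration Time: 2023-05-16T10:10:00Z"].join("\n");
const session = { domain: "app.example", chainId: 1, nonce: "k3Jq9xTz0aPw" };
console.log(checkSiweMessage(SAMPLE, session, new Date("2023-05-16T10:05:00Z")));
```

An empty result means the message is bound to this server's domain, chain and session nonce and is inside its validity window; the signature over the exact message text still has to recover to the stated address.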

Activity diagram of SIWE + OpenID Connect — spruceid.com

Last year Auth0 added SIWE to their integration marketplace, allowing developers to add Sign-in with Ethereum to their Auth0 tenant. This means that users can now authenticate themselves using a variety of methods, including traditional username/password, SSO providers like Google or Facebook, or their Ethereum-based wallet.

Advantages and disadvantages

SIWE provides a secure, decentralized way to authenticate users. Below you can find some security and privacy benefits of using SIWE and a few disadvantages that need to be addressed before SIWE can be widely adopted.

Decentralized data

Traditional authentication systems rely on centralized servers to store user data and manage the authentication process. This creates a single point of failure that can be vulnerable to data breaches and hacking attempts. With SIWE, user data is stored on the user’s device, and the authentication process is decentralized, making it much more difficult for hackers to compromise the system.

User control

SIWE puts users in control of their data and authentication. By relying on the user’s private key to initiate the authentication process, SIWE removes the need for users to share their personal information with third-party authentication providers. This reduces the risk of data misuse or abuse and gives users more control over their online identity.

Immutable records

When a user logs in using SIWE, the authentication transaction is recorded on the Ethereum blockchain. This provides an immutable record of the authentication event that cannot be altered or deleted. All this data is publicly available for others to analyze and interpret. This can be both an advantage and a disadvantage.

Complexity

To use SIWE correctly, users must be familiar with blockchain technology, crypto wallets, and private key management. If a user loses their private key, they may lose access to their account permanently. Users have to be diligent in storing their private keys securely and backing them up properly. This can make it more difficult for non-technical users to get started with SIWE.

Limited adoption

Blockchain technologies are still relatively new and have not yet achieved widespread adoption. Because SIWE is built on top of Ethereum and is a relatively new authentication method, many websites and applications don’t support it. This may limit the potential benefits of SIWE for users who wish to use it as their primary authentication method.

Network congestion

SIWE relies on the Ethereum blockchain, which can sometimes experience network congestion and high transaction fees. This can result in a slower authentication process and increased transaction costs when interacting with applications.

Working implementations

Recently, more and more developers are exploring the potential of SIWE for their projects. Below is a list of some of the most well-known and widely used applications that implemented SIWE, giving users richer experiences and a privacy-focused authentication option.

Web2

Shopify integrated SIWE to give users a more private login authentication and is paving the way for users to have practical access to Web3 features, such as minting NFTs, token-gated access restrictions, and other Web3 rewards.

Web3

OpenSea is a popular NFT marketplace built on the Ethereum blockchain. Last year they integrated SIWE to give users a richer experience on the platform. For example, users can now customize their avatar and their profile page.

Clarity is a collaborative workspace where teams write docs, manage projects, and organize knowledge. It could be used as a Web3 alternative to Notion or Asana. Clarity uses SIWE to authenticate its users and manage token-based member roles and permissions.

https://www.clarity.so/

Unlock is an open-source protocol for creating memberships and subscriptions as NFTs. It is a Web3 alternative to traditional membership platforms such as Patreon and Substack and could be used by artists, musicians, and writers. They integrated SIWE into the Unlock Account and their WordPress plugin. You can watch this demo video to see how they implemented SIWE.

Wallets and infrastructure

MetaMask, Argent, and Rainbow are some of the most widely used crypto wallets. With the growing popularity of SIWE, these projects quickly integrated the SIWE functionality into their wallets. This allows users to verify that a signature request is based on the secure SIWE standard, making it more difficult for scammers or phishers to convince users to sign a deceptive transaction.

By incorporating SIWE, these wallets offer users a more secure and reliable way to access their accounts and transact on the blockchain.

Ethereum Name Service (ENS) is a decentralized domain name service built on the Ethereum blockchain. It enables anyone to register human-readable domain names such as vitalik.eth and map them to any Ethereum address like their wallet address. Unlike traditional domain name systems, ENS is fully decentralized and deeply integrated into the crypto ecosystem.

ENS has been a key supporter of SIWE and continues to be one. With ENS, users can take their online identity with them, wherever they go on the web, and SIWE enables seamless interaction across different platforms.

Conclusion

To summarize, “Sign-in with Ethereum” (SIWE) is a decentralized authentication system that enables users to authenticate themselves without relying on conventional authentication methods. The system utilizes the Ethereum blockchain to verify user credentials and record the authentication event, making the authentication process secure and immutable.

Compared to traditional authentication methods like SSO and username/password authentication, SIWE offers a few benefits, particularly in terms of data security and privacy. However, it has some disadvantages, such as the requirement for users to have a basic understanding of blockchain technology and private key management. Additionally, since blockchain technology is not yet widely adopted, many websites and applications may not support SIWE, limiting its potential benefits.

Despite these challenges, SIWE has been successfully implemented by some well-known web3 applications, providing users with richer experiences and privacy-focused authentication options. As blockchain technology continues to evolve and more complex decentralized applications get built, SIWE does have the potential to become a popular authentication method.

**Note:** As I mentioned earlier, “Sign-in with Ethereum” was initially developed on top of Ethereum. However, recent developments have made it possible to use this authentication method on EVM-compatible chains such as Optimism, Arbitrum, BNB Chain, and Polygon.

Some useful links:
