Skip to main content

SIWWeb3 Message Spec

Here we learn what are the components of SIWWeb3 Message

The specification for Sign In With Web3 is based on https://eips.ethereum.org/EIPS/eip-4361 with the intention to make it compatible with https://github.com/ChainAgnostic/CAIPs/blob/master/CAIPs/caip-74.md

The message created follows the following structure :-

CACAO

Represents a chain-agnostic Object Capability (OCAP), created using EIP-4361 (or similar for other blockchains), as an IPLD object.

header: Header;

payload: Payload;

signature: Signature;

Payload

  /** RFC 4501 dns authority that is requesting the signing. */
  domain: string;

  /** Web3 address performing the signing */
  address: string;

  /** Human-readable ASCII assertion that the user will sign, and it must not contain newline characters. */
  statement?: string;

  /** RFC 3986 URI referring to the resource that is the subject of the signing
   *  (as in the __subject__ of a claim). */
  uri: string;

  /** Current version of the message. */
  version: string;

  /** Chain ID to which the session is bound, and the network where
   * Contract Accounts must be resolved. */
  chainId?: number;

  /** Randomized token used to prevent replay attacks, at least 8 alphanumeric
   * characters. */
  nonce: string;

  /** ISO 8601 datetime string of the current time. */
  issuedAt: string;

  /** ISO 8601 datetime string that, if present, indicates when the signed
   * authentication message is no longer valid. */
  expirationTime?: string;

  /** ISO 8601 datetime string that, if present, indicates when the signed
   * authentication message will become valid. */
  notBefore?: string;

  /** System-specific identifier that may be used to uniquely refer to the
   * sign-in request. */
  requestId?: string;

  /** List of information or references to information the user wishes to have
   * resolved as part of authentication by the relying party. They are
   * expressed as RFC 3986 URIs separated by `\n- `. */
  resources?: Array<string>;

Signature

t: string; // signature scheme

m?: SignatureMeta; // signature related metadata (optional)

s: string; // signature

Header

/** specifies format of the payload. */
t: string