Sign-In with Ethereum (SIWE) Authorization
Sign-In with Ethereum (SIWE) lets you authenticate securely using your wallet, eliminating the need for
traditional usernames and passwords.
Verified third-party apps can request access to your Monerium account using SIWE with your consent.
What the app can do after you authorize access
Before you sign, take a moment to review the app's terms of service, privacy policy, and the permissions you're
granting to ensure you're comfortable with them.
By signing, you authorize the app to:
-
Read your profile details
The app can access basic information, such as your name and associated identifiers, to personalize your
experience.
-
Read your payment details
The app can view your transaction history and payment details to offer financial insights or
services.
-
Read your IBAN details
The app can access your IBAN information linked to your wallet, helping you manage where funds are sent or
move your IBAN to another wallet address.
-
Trigger outgoing payments
The app can initiate payments from your wallet, but only with your explicit permission each time.
You'll be asked to sign off on any payment, ensuring that you're always
in control.
How it works
The third-party app generates a message for you to sign, following the EIP-4361 standard.
example.com wants you to sign in with your Ethereum account:
0x5DA1EFC8dB7E32614d7ffb0B8b6bd86e85Ecc743
Allow AppName to access my data on Monerium
URI: https://example.com/callback
Version: 1
Chain ID: 100
Nonce: 8YOaY6qkvyf7F5lx
Issued At: 2024-08-22T10:00:00Z
Expiration Time: 2024-08-22T10:05:00Z
Resources:
- https://monerium.com/siwe
- https://example.com/privacy-policy
- https://example.com/terms-of-service
Example of a message you would be asked to sign
The message includes the following information for you to review before signing:
- Domain: example.com - The app's domain you are authorizing.
- App Name: AppName - The name of the application requesting access.
- Your Wallet Address: 0x5DA1EFC8dB7E32614d7ffb0B8b6bd86e85Ecc743 - The wallet address you're
using to sign.
- Callback URL: URI: https://example.com/callback - The URL where the app receives your consent.
- Version: 1 - The SIWE message version, always set to 1 for this standard.
- Chain ID: 100 - The blockchain network ID. (1 for Ethereum mainnet, 100 for Gnosis, 137 for
Polygon).
- Nonce: 8YOaY6qkvyf7F5lx - A unique string to prevent replay attacks.
- Issued At: 2024-08-22T10:00:00Z - The timestamp when the message was created.
- Expiration Time: 2024-08-22T10:05:00Z - The time when the signed message becomes invalid.
- Resource URLs: - Links to Monerium’s SIWE info, and the app’s privacy policy and terms of service.
After signing, the application will receive a code at the specified URI, allowing them to access your data.