Create new documentation page on authentication
Is your feature request related to a problem? Please describe.
User authentication is a big topic for software application developers. I often see this as a common question for devs new to the space - "how does authentication work on Ethereum"? They often (reasonably) bring mental models from web2 & want to understand how Ethereum users "sign in".
There are some existing resources when Googling "ethereum authentication" but the 1st result is this: https://moralis.io/ethereum-authentication-full-tutorial-to-ethereum-login-programming/ Which I don't think is a great neutral resource, as it just pushes the user to create an account & use Moralis vs. actually explaining how things work & what options a developer has when adding authentication.
Describe the solution you'd like
Create a new documentation page (perhaps under the "Ethereum stack" section) that covers how authentication works in an Ethereum context. This could be a fairly simple resource, explaining that this is typically handled by connecting an Ethereum wallet to an application via a client library like ethers.js, web3.js or Wallet Connect.
As part of this explanation it may be worth getting into how wallets & accounts work (i.e. the public-private key cryptography that allows users to sign messages proving control of an account).
This could also be a useful page to list emerging standards & best practices, like Sign in with Ethereum:
- https://eips.ethereum.org/EIPS/eip-4361
- https://auth0.com/blog/sign-in-with-ethereum-siwe-now-available-on-auth0/
Describe alternatives you've considered
Perhaps we should also/instead add a page covering "Ethereum wallets", which we have an existing page on but not for developers who want to learn how wallets work & how they add wallet support to a software application.
Want to contribute?
We love contributions from the Ethereum community! Please comment on an issue if you're interested in helping out with a PR.
Hi, I would like to contribute on this.
I would love to help contribute here - I'm Rocco from the Spruce team / co-author on EIP-4361.
I think one of the main points the article should drive is the difference between connecting a wallet to an application and actually authenticating a session with a user. I described this previously, breaking it down from connecting a wallet and what happens when you authenticate.
To break it down further into sub-topics that would probably be great for this:
- What is the difference between connecting a wallet and authenticating/signing in.
- Why signing a message is necessary for authentication.
- What can you do after authentication.
- Why standardizing SIWE was important for wallets, user experience, and user safety.
- What is Sign-In with Ethereum / history of EIP-4361
- Usage today / options for users.
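To make the connect-versus-authenticate distinction in the comment above concrete, here is an added example (not code from this thread, ethereum.org, or the EIP authors) of the field checks a server applies to an EIP-4361 message: domain binding, a single-use nonce, and expiry. It assumes the signature has already been verified against the stated address with a wallet library such as ethers.js; the function names, domain, address and nonce are constructed for illustration.

```javascript
// Added example (not from the issue thread): field checks a server makes on an
// EIP-4361 message before treating a connected wallet as signed in.
// Signature recovery is assumed to be done separately with a wallet library.
const HEADER = / wants you to sign in with your Ethereum account:$/;

// Parse the EIP-4361 plaintext layout; returns null if malformed.
function parseSiwe(text) {
  const lines = text.split("\n");
  if (lines.length < 2 || !HEADER.test(lines[0])) return null;
  const msg = { domain: lines[0].replace(HEADER, ""), address: lines[1] };
  if (!/^0x[0-9a-fA-F]{40}$/.test(msg.address)) return null;
  for (const line of lines.slice(2)) {
    const m = /^(URI|Version|Chain ID|Nonce|Issued At|Expiration Time): (.+)$/.exec(line);
    if (m) msg[m[1]] = m[2];
  }
  return msg;
}

// issuedNonces: Set of nonces this server issued and has not yet seen used.
function checkSiwe(text, expectedDomain, issuedNonces, now) {
  const msg = parseSiwe(text);
  if (!msg) return { ok: false, reason: "malformed" };
  // Domain binding: a message signed for another site must not work here.
  if (msg.domain !== expectedDomain) return { ok: false, reason: "domain" };
  if (msg.Version !== "1") return { ok: false, reason: "version" };
  // Single-use nonce: delete() returns false if unknown or already consumed.
  if (!msg.Nonce || !issuedNonces.delete(msg.Nonce)) return { ok: false, reason: "nonce" };
  const exp = msg["Expiration Time"];
  if (exp && !(Date.parse(exp) > now.getTime())) return { ok: false, reason: "expired" };
  return { ok: true, address: msg.address };
}

// Constructed sample message (domain, address and nonce are made up).
const SAMPLE = [
  "app.example wants you to sign in with your Ethereum account:",
  "0x1111111111111111111111111111111111111111",
  "",
  "Sign in to app.example",
  "",
  "URI: https://app.example/login",
  "Version: 1",
  "Chain ID: 1",
  "Nonce: k3Jq8sT2vWx9ZpLm",
  "Issued At: 2024-01-01T00:00:00Z",
  "Expiration Time: 2024-01-01T00:10:00Z",
].join("\n");
```

A wallet that is merely connected supplies only an address; a session should be created only after both the signature check and these field checks pass.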
This issue is stale because it has been open 45 days with no activity.
@obstropolos Hey! Appreciate your original reply here and deep apologies that this got lost in the mix. Two years have passed but unfortunately there is still a void around this content.
Any chance you, or @mohammadobaid1, would still be interested in working on this? If it would help I can re-surface this as a new issue, but can also just keep it here.
Anyone interested please tag me here! 🙏 thanks!
Sure I'd be open to it @wackerow - what would be the best way of getting in touch about it?
Great, thanks @obstropolos! Can take a few approaches here...
- You could create a template/outline and post here to get your initial thoughts down for feedback before committing to writing an entire page; then use that to write the page for a PR
- You could also brainstorm ideas in our Discord and solicit feedback there before working on the PR.
- You could just write a page and post as a PR... downside of this approach is potentially putting in a lot of work that hasn't gotten feedback and ends up needing a lot of re-work.
I would suggest either 1 or 2 above, and start with an outline draft on GitHub, either in draft PR or inside this issue. Don't hesitate to hop into the Discord though if you need to reach out!
Hey @obstropolos! Just circling back, curious if you're still interested in working on this. If not we can open up for others.. thanks!
Going to unassign and open this back up
This issue is stale because it has been open 30 days with no activity.