Sign-in with Polkadot (SIWP)

This documentation section will dive deep into implementing the Sign-in with Polkadot(SIWP). For more details about the concept Sign in With X (SIWx), CAIP-122.

Sign-In with Polkadot Blockchain describes how polkadot accounts authenticate with off-chain services by signing a message parameterized by scope, nonce, etc. It is an alternative to centralized identity providers. It is based on the self-custody of your identity. It leverages the on-chain authentication model to off-chain services.

The reason behind implementing the concept Sign-In with Polkadot is that it is a critical step in the Login with NFTs concept. Before granting access to some services based on the ownership of some NFTs, we need to check two main aspects:

  • You own an account via Sign with Polkadot.

  • Verify that the account has an NFT in a specified collection.

An account in Polkadot is linked to the ownership of a private key which is then mapped to his public key. The hash of the public key outputs an address.

The IDP Kit implements SIWP based on seven main steps:

  1. Nonce generation.

  2. Redirection to the IDK Kit wallet user interface.

  3. Connect to your polkadot wallet.

  4. A popup appears for signing the message. It is based on multiple factors like the nonce generated by the IDP Kit, account address, etc.

  5. Click the “Sign” button.

  6. Redirection to the IDK Kit verification service.

  7. The IDP Kit verifies the message signature based on the account address.

The message will be in the form of:

{domain} wants you to sign in with your Polkadot account: {address}. Public Key: {publicKey}.Date: {ISO8601formatedTimestamp}. {description} URI: {origin}. Version: {versionNumber}. Nonce: {nonce}

  • domain: is the RFC 3986 authority that is requesting the signing.

  • Permissions.address: account address.

  • Public Key : account public key.

  • Date: is the ISO 8601 datetime string of the current time.

  • Nonce: security parameter generated by the IDP Kit.

Last updated