Implements support to authenticate, authorize and verify with Ethereum accounts as a did:pkh with SIWE(X) and CACAO.
Primarly used with did-session
and @didtools/cacao
.
npm install --save @didtools/pkh-ethereum
To Auth in a web based env, use any injected Ethereum provider that implements the standard interface with EthereumWebAuth
. A standard Ethereum provider should impelement the interface as defined by EIP-1193.
// Web Auth Usage
import { EthereumWebAuth, getAccountId } from '@didtools/pkh-ethereum'
// ...
const ethProvider = // import/get your web3 eth provider
const addresses = await ethProvider.request({ method: 'eth_requestAccounts' })
const accountId = await getAccountId(ethProvider, addresses[0])
const authMethod = await EthereumWebAuth.getAuthMethod(ethProvider, accountId)
To Auth in a Node based env, use any standard web3 provider interface with EthereumNodeAuth
// Node Auth Usage
import { EthereumNodeAuth, getAccountId } from '@didtools/pkh-ethereum'
// ...
const ethProvider = // import/get your web3 eth provider
const addresses = await ethProvider.request({ method: 'eth_requestAccounts' })
const accountId = await getAccountId(ethProvider, addresses[0])
const appName = 'MyNodeApp'
const authMethod = await EthereumNodeAuth.getAuthMethod(ethProvider, accountId, appName)
To use with did-session and reference did-session docs for more details.
const client = new ComposeClient({ceramic, definition})
const resources = client.resources
const session = await DIDSession.authorize(authMethod, { resources })
client.setDID(session.did)
AuthMethod creators consume a standard Ethereum provider and an AccountId. AccountID follows the
CAIP10 standard. The helper method getAccountID
is provided, but you can also create an AccountID
using the CAIP library directly.
import { AccountId } from 'caip'
import { getAccountId } from '@didtools/pkh-ethereum'
const accountId = await getAccountId(ethProvider, addresses[0])
const ethMainnetChainId = '1'
const chainNameSpace = 'eip155'
const chainId = `${chainNameSpace}:${ethMainnetChainId}`
const accountIdCAIP = new AccountId({ address, chainId })
// accountId = accountIdCAIP
The EthereumNodeAuth
additionally consumes an application name. The 'EthereumWebAuth' method uses your
application domain name by default.
import { EthereumNodeAuth } from '@didtools/pkh-ethereum'
const appName = 'MyNodeApp'
const authMethod = EthereumNodeAuth.getAuthMethod(ethProvider, accountId, appName)
Verifiers are needed to verify different did:pkh signed payloads using CACAO. Libraries that need them will consume a verifiers map allowing your to register the verifiers you want to support.
import { Cacao } from '@didtools/cacao'
import { getEIP191Verifier } from '@didtools/pkh-ethereum'
import { DID } from 'dids'
const verifiers = {
...getEIP191Verifier()
}
// Directly with cacao
Cacao.verify(cacao, { verifiers, ...opts})
// With DIDS, reference DIDS for more details
const dids = //configured dids instance
await dids.verifyJWS(jws, { capability, verifiers, ...opts})
Apache-2.0 OR MIT