After installing any required dependencies SIWE can be easily installed with:
gem install siwe
Usage
SIWE provides a Message class which implements EIP-4361.
Creating a SIWE Message
require'siwe'require'time'# Only the mandatory argumentsSiwe::Message.new("domain.example","0x9D85ca56217D2bb651b00f15e694EB7E713637D4","some.uri","1")# Complete SIWE message with default valuesSiwe::Message.new("domain.example","0x9D85ca56217D2bb651b00f15e694EB7E713637D4","some.uri","1", { issued_at: Time.now.utc.iso8601, statement: "Example statement for SIWE", nonce: Siwe::Util.generate_nonce, chain_id: "1", expiration_time: "", not_before: "", request_id: "", resources: [] })
Parsing a SIWE Message
To parse from EIP-4361 you have to use Siwe::Message.from_message
require'siwe'Siwe::Message.from_message "domain.example wants you to sign in with your Ethereum account:\n0x9D85ca56217D2bb651b00f15e694EB7E713637D4\n\nExample statement for SIWE\n\nURI: some.uri\nVersion: 1\nChain ID: 1\nNonce: k1Ne4KWzBHYEFQo8\nIssued At: 2022-02-03T20:06:19Z"
Messages can be parsed to and from JSON strings, using Siwe::Message.from_json_string and Siwe::Message.to_json_string respectively:
require'siwe'Siwe::Message.from_json_string "{\"domain\":\"domain.example\",\"address\":\"0x9D85ca56217D2bb651b00f15e694EB7E713637D4\",\"uri\":\"some.uri\",\"version\":\"1\",\"chain_id\":\"1\",\"nonce\":\"k1Ne4KWzBHYEFQo8\",\"issued_at\":\"2022-02-03T20:06:19Z\",\"statement\":\"Example statement for SIWE\",\"expiration_time\":\"\",\"not_before\":\"\",\"request_id\":\"\",\"resources\":[]}"
Siwe::Message.new("domain.example","0x9D85ca56217D2bb651b00f15e694EB7E713637D4","some.uri","1").to_json_string
Verifying and Authenticating a SIWE Message
Verification and authentication is performed via EIP-191, using the address field of the SiweMessage as the expected signer. The validate method checks message structural integrity, signature address validity, and time-based validity attributes.
begin message.validate(signature) # returns true if valid throws otherwiserescueSiwe::ExpiredMessage# Used when the message is already expired. (Expires At < Time.now)rescueSiwe::NotValidMessage# Used when the message is not yet valid. (Not Before > Time.now)rescueSiwe::InvalidSignature# Used when the signature doesn't correspond to the address of the message.end
Serialization of a SIWE Message
Siwe::Message instances can also be serialized as their EIP-4361 string representations via the Siwe::Message.prepare_message method:
require'siwe'begin message = Siwe::Message.from_message "https://example.com wants you to sign in with your Ethereum account:\n0xA712a0AFBFA8656581BfA96352c9EdFc519e9cad\n\n\nURI: https://example.com\nVersion: 1\nChain ID: 1\nNonce: 9WrH24z8zpiYOoBQ\nIssued At: 2022-02-04T15:52:03Z"
message.validate "aca5e5649a357cee608ecbd1a8455b4143311381636b88a66ec7bcaf64b3a4743ff2c7cc18501a3401e182f79233dc73fc56d01506a6098d5e7e4d881bbb02921c"
puts"Congrats, your message is valid"rescueSiwe::ExpiredMessage# Used when the message is already expired. (Expires At < Time.now)rescueSiwe::NotValidMessage# Used when the message is not yet valid. (Not Before > Time.now)rescueSiwe::InvalidSignature# Used when the signature doesn't correspond to the address of the message.end
