💎Ruby

A Ruby implementation of EIP-4361: Sign In With Ethereum.

Getting started

  • The Ruby implementation of Sign-In with Ethereum can be found here:

Sign-In with Ethereum can be found on RubyGems. For more information and package information, click here

Installation

Dependencies

Additional packages may be required to install the gem:

brew install automake openssl libtool pkg-config gmp libffi

After installing any required dependencies SIWE can be easily installed with:

gem install siwe

Usage

SIWE provides a Message class which implements EIP-4361.

Creating a SIWE Message

require 'siwe'
require 'time'

# Only the mandatory arguments
Siwe::Message.new("domain.example", "0x9D85ca56217D2bb651b00f15e694EB7E713637D4", "some.uri", "1")

# Complete SIWE message with default values
Siwe::Message.new("domain.example", "0x9D85ca56217D2bb651b00f15e694EB7E713637D4", "some.uri", "1", {
                                   issued_at: Time.now.utc.iso8601,
                                   statement: "Example statement for SIWE",
                                   nonce: Siwe::Util.generate_nonce,
                                   chain_id: "1",
                                   expiration_time: "",
                                   not_before: "",
                                   request_id: "",
                                   resources: []
                                 })

Parsing a SIWE Message

To parse from EIP-4361 you have to use Siwe::Message.from_message

require 'siwe'

Siwe::Message.from_message "domain.example wants you to sign in with your Ethereum account:\n0x9D85ca56217D2bb651b00f15e694EB7E713637D4\n\nExample statement for SIWE\n\nURI: some.uri\nVersion: 1\nChain ID: 1\nNonce: k1Ne4KWzBHYEFQo8\nIssued At: 2022-02-03T20:06:19Z"

Verifying and Authenticating a SIWE Message

Verification and authentication is performed via EIP-191, using the address field of the SiweMessage as the expected signer. The validate method checks message structural integrity, signature address validity, and time-based validity attributes.

begin
    message.validate(signature) # returns true if valid throws otherwise
rescue Siwe::ExpiredMessage
    # Used when the message is already expired. (Expires At < Time.now)
rescue Siwe::NotValidMessage
    # Used when the message is not yet valid. (Not Before > Time.now)
rescue Siwe::InvalidSignature
    # Used when the signature doesn't correspond to the address of the message.
end

Serialization of a SIWE Message

Siwe::Message instances can also be serialized as their EIP-4361 string representations via the Siwe::Message.prepare_message method:

require 'siwe'

Siwe::Message.new("domain.example", "0x9D85ca56217D2bb651b00f15e694EB7E713637D4", "some.uri", "1").prepare_message

Example

Parsing and verifying a Siwe::Message:

require 'siwe'

begin
    message = Siwe::Message.from_message "https://example.com wants you to sign in with your Ethereum account:\n0xA712a0AFBFA8656581BfA96352c9EdFc519e9cad\n\n\nURI: https://example.com\nVersion: 1\nChain ID: 1\nNonce: 9WrH24z8zpiYOoBQ\nIssued At: 2022-02-04T15:52:03Z"
    message.validate "aca5e5649a357cee608ecbd1a8455b4143311381636b88a66ec7bcaf64b3a4743ff2c7cc18501a3401e182f79233dc73fc56d01506a6098d5e7e4d881bbb02921c"
    puts "Congrats, your message is valid"
rescue Siwe::ExpiredMessage
    # Used when the message is already expired. (Expires At < Time.now)
rescue Siwe::NotValidMessage
    # Used when the message is not yet valid. (Not Before > Time.now)
rescue Siwe::InvalidSignature
    # Used when the signature doesn't correspond to the address of the message.
end

Last updated