Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
ic-use-siwe-identity
Advanced tools
React hook and context provider for easy frontend integration with SIWE enabled Internet Computer canisters.
ic-use-siwe-identity
is a React hook and context provider for easy frontend integration with SIWE enabled Internet Computer canisters.
ic-use-siwe-identity
is part of the ic-siwe project that enables Ethereum wallet-based authentication for applications on the Internet Computer (IC) platform. The goal of the project is to enhance the interoperability between Ethereum and the Internet Computer platform, enabling developers to build applications that leverage the strengths of both platforms.
A SIWE enabled canister is a canister that integrates the ic_siwe library and exposes the SIWE login interface. The ic_siwe
library provides a set of functions for managing Internet Computer delegate identities created using Ethereum signatures.
ic_siwe
directly is using the prebuilt ic_siwe_provider canister. The provider canister can be added to your project as a dependency and used as a login provider for you project.In addition to ic-use-siwe-identity
, the following packages are required:
@dfinity/agent
@dfinity/identity
@dfinity/candid
wagmi
viem
npm install ic-use-siwe-identity @dfinity/agent @dfinity/identity @dfinity/candid wagmi viem
[!TIP] For a complete example, see the ic-siwe-react-demo-rust demo project.
To use ic-use-siwe-identity
in your React application, follow these steps:
Before interacting with the useSiweIdentity hook, you need to add an Ethereum wallet provider to your application. The easiest way to do this is by using the wagmi library. Wagmi provides a React hook for connecting to Ethereum wallets, and is used internally by ic-use-siwe-identity
. We also recommend adding RainbowKit to handle the wallet connection UI.
// main.tsx
ReactDOM.createRoot(document.getElementById("root")!).render(
<React.StrictMode>
<WagmiConfig config={wagmiConfig}>
<RainbowKitProvider>
// ...your app
</RainbowKitProvider>
</WagmiConfig>
</React.StrictMode>
);
SiweIdentityProvider
componentWrap your application's root component with SiweIdentityProvider
to provide all child components access to the SIWE identity context. Provide the component with the _SERVICE
type argument, where _SERVICE
represents the canister service definition of a canister that implements the SIWE login interface. This could be a canister that you have created yourself, using the ic_siwe library, or the prebuilt ic_siwe_provider canister. Adding the provider canister to your project as a dependency is the easiest way to get started.
// App.tsx
import { SiweIdentityProvider } from 'ic-use-siwe-identity';
import { _SERVICE } from "path-to/siwe-enabled-canister.did";
function App() {
return (
<SiweIdentityProvider<_SERVICE>
idlFactory={/* IDL Interface Factory */}
canisterId={/* Canister ID */}
// ...other props
>
// ...your app components
</App>
);
}
This is an optional step, as the login process will automatically call prepareLogin
if it has not been called manually. However, calling prepareLogin
before initiating the login process improves the user experience by reducing the time it takes to complete the login process. The prepareLogin
function requests a SIWE message from the backend. This is an update call that usually takes two to three seconds to complete.
The prepareLoginStatus
state variable can be used to indicate the status of the prepare login process. Errors that occur during the prepare login process are stored in the prepareLoginError
state variable.
[!IMPORTANT] Be sure to call
prepareLogin
again on wallet change, as the SIWE message is signed using the user's Ethereum wallet.
const { isConnected, address } = useAccount(); // Wagmi hook
const { prepareLogin, prepareLoginStatus, prepareLoginError, loginError } =
useSiweIdentity();
/**
* Preload a Siwe message on every address change.
*/
useEffect(() => {
if (prepareLoginStatus !== "idle" || !isConnected || !address) return;
prepareLogin();
}, [isConnected, address, prepareLogin, prepareLoginStatus]);
The login process is initiated by calling the login
function. This function requests a SIWE message from the backend if it has not already been loaded. The user is asked to sign the message using their Ethereum wallet and the signed message is sent to the backend for authentication. Once the authentication is complete, the user's identity is stored in local storage and the identity
state variable is updated with the new identity.
The loginStatus
state variable can be used to indicate the status of the login process. Errors that occur during the login process are stored in the loginError
state variable.
const { isConnected } = useAccount(); // Wagmi hook
const { login, loginStatus, prepareLoginStatus } = useSiweIdentity();
const text = loginStatus === "logging-in" ? "Signing in …" : "Sign in";
const disabled =
loginStatus === "logging-in" ||
!isConnected ||
prepareLoginStatus !== "success";
return (
<Button disabled={disabled} onClick={login}>
{text}
</Button>
);
{
/** Configuration options for the HTTP agent used to communicate with the Internet Computer network. */
httpAgentOptions?: HttpAgentOptions;
/** Configuration options for the actor. These options are passed to the actor upon its creation. */
actorOptions?: ActorConfig;
/** The Interface Description Language (IDL) factory for the canister. This factory is used to create an actor interface for the canister. */
idlFactory: IDL.InterfaceFactory;
/** The unique identifier of the canister on the Internet Computer network. This ID is used to establish a connection to the canister. */
canisterId: string;
/** The child components that the SiweIdentityProvider will wrap. This allows any child component to access the authentication context provided by the SiweIdentityProvider. */
children: ReactNode;
}
export type SiweIdentityContextType = {
/** Is set to `true` on mount until a stored identity is loaded from local storage or
* none is found. */
isInitializing: boolean;
/** Load a SIWE message from the provider canister, to be used for login. Calling prepareLogin
* is optional, as it will be called automatically on login if not called manually. */
prepareLogin: () => void;
/** "error" | "loading" | "success" | "idle" - Reflects the current status of the prepareLogin process. */
prepareLoginStatus: PrepareLoginStatus;
/** Error that occurred during the prepareLogin process. */
prepareLoginError?: Error;
/** Initiates the login process by requesting a SIWE message from the backend. */
login: () => void;
/** "error" | "success" | "idle" | "logging-in" - Reflects the current status of the login process. */
loginStatus: LoginStatus;
/** Error that occurred during the login process. */
loginError?: Error;
/** Status of the SIWE message signing process. This is a re-export of the Wagmi
* signMessage / status type. */
signMessageStatus: "error" | "loading" | "success" | "idle";
/** Error that occurred during the SIWE message signing process. This is a re-export of the
* Wagmi signMessage / error type. */
signMessageError: Error | null;
/** The delegation chain is available after successfully loading the identity from local
* storage or completing the login process. */
delegationChain?: DelegationChain;
/** The identity is available after successfully loading the identity from local storage
* or completing the login process. */
identity?: DelegationIdentity;
/** The Ethereum address associated with current identity. This address is not necessarily
* the same as the address of the currently connected wallet - on wallet change, the addresses
* will differ. */
identityAddress?: string;
/** Clears the identity from the state and local storage. Effectively "logs the user out". */
clear: () => void;
};
Contributions are welcome. Please submit your pull requests or open issues to propose changes or report bugs.
This project is licensed under the MIT License. See the LICENSE file for more details.
FAQs
React hook and context provider for easy frontend integration with SIWE enabled Internet Computer canisters.
The npm package ic-use-siwe-identity receives a total of 69 weekly downloads. As such, ic-use-siwe-identity popularity was classified as not popular.
We found that ic-use-siwe-identity demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.