Auths
Sismo Connect can be used to authenticate a user from multiple sources, either from web2 or web3.
Type definitions
The AuthRequest is an object with the following properties:
- authType (required): defines the type of authentication required. The following authType values are currently supported:
  - VAULT: Sismo Connect returns the user's vaultId for the application that requested it. It is a deterministic anonymous identifier (hash(userVaultSecret, AppId, ..)). See more information about Vault Identifiers here.
  - GITHUB: Sismo Connect returns the user's GitHub account id.
  - TWITTER: Sismo Connect returns the user's Twitter account id.
  - EVM_ACCOUNT: Sismo Connect returns the user's Ethereum address.
  - TELEGRAM: Sismo Connect returns the user's Telegram account id.
- userId (optional): requests the user to have a predefined account.
- isOptional (optional): by default set to false. Allows the user to optionally authenticate with this AuthType.
// Types (typescript version)
enum AuthType {
  VAULT = 0,
  GITHUB = 1,
  TWITTER = 2,
  EVM_ACCOUNT = 3,
  TELEGRAM = 4,
}
type AuthRequest = {
  authType: AuthType;
  userId?: string;
  isOptional?: boolean;
};
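The matching rule that authType, userId and isOptional imply on the verifying side, as an added example that is not Sismo's code. It models only how the requests a server expects are compared with the auths it gets back; the ReturnedAuth shape, the matchAuths function and the sample ids are assumptions made for illustration, and proof verification itself stays with the library.

```typescript
// Same values as the AuthType enum above, written as a const object
// so this block runs stand-alone.
const AuthType = { VAULT: 0, GITHUB: 1, TWITTER: 2, EVM_ACCOUNT: 3, TELEGRAM: 4 } as const;
type AuthTypeValue = (typeof AuthType)[keyof typeof AuthType];
type AuthRequest = { authType: AuthTypeValue; userId?: string; isOptional?: boolean };

// Hypothetical shape: one auth whose proof has already been verified.
type ReturnedAuth = { authType: AuthTypeValue; userId: string };
type UserIds = Partial<Record<AuthTypeValue, string>>;
type MatchResult = { ok: boolean; errors: string[]; userIds: UserIds };

// Compare returned auths with the requests the server expects. The expected
// list is defined server-side, never copied from the client's message.
function matchAuths(expected: AuthRequest[], returned: ReturnedAuth[]): MatchResult {
  const errors: string[] = [];
  const userIds: UserIds = {};
  for (const req of expected) {
    const hit = returned.find((a) => a.authType === req.authType);
    if (hit === undefined) {
      // isOptional defaults to false: a missing auth fails unless opted out.
      if (req.isOptional !== true) errors.push(`missing required authType ${req.authType}`);
      continue;
    }
    // A predefined userId pins the request to that exact account.
    if (req.userId !== undefined && req.userId !== hit.userId) {
      errors.push(`authType ${req.authType}: userId does not match the requested account`);
      continue;
    }
    userIds[req.authType] = hit.userId;
  }
  // Auths that were returned but never requested are ignored, not exposed.
  return { ok: errors.length === 0, errors, userIds };
}

// Constructed sample: Vault required, Twitter optional, GitHub pinned to an id.
const sampleExpected: AuthRequest[] = [
  { authType: AuthType.VAULT },
  { authType: AuthType.TWITTER, isOptional: true },
  { authType: AuthType.GITHUB, userId: "1001" },
];
const sampleReturned: ReturnedAuth[] = [
  { authType: AuthType.VAULT, userId: "0x1f2e" },
  { authType: AuthType.GITHUB, userId: "1001" },
  { authType: AuthType.TELEGRAM, userId: "777" },
];
const sample = matchAuths(sampleExpected, sampleReturned);
console.log(sample.ok, JSON.stringify(sample.userIds));
```

Callers have to treat an optional auth's id as possibly absent: in the sample the Twitter id is undefined even though the match succeeds.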
Integrations
Authentication requests are made in the front end using either the sismo-connect-react package or the sismo-connect-client package. Requests are then verified either in a back end using the sismo-connect-server package or in a smart contract using the sismo-connect-solidity package.
Making an AuthRequest - Front-end integration
The SismoConnectButton React component is available from the sismo-connect-react package. It is a wrapper of the sismo-connect-client package.
AuthRequests are passed as props of the SismoConnectButton through either:
- the auth prop for one authentication request: AuthRequest, or
- the auths prop for several authentication requests: AuthRequest[]
Responses are received through either:
- the onResponse: (response: SismoConnectResponse) => void callback for offchain verification, or
- the onResponseBytes: (response: string) => void callback for onchain verification.
One AuthRequest - code example
import { SismoConnectButton, AuthType, SismoConnectClientConfig, SismoConnectResponse } from "@sismo-core/sismo-connect-react";

<SismoConnectButton
  // the client config created
  config={config}
  // request a proof of account ownership
  // (here Vault ownership)
  auth={{authType: AuthType.VAULT}}
  onResponse={async (response: SismoConnectResponse) => {
    // Send the response to your server to verify it
    // thanks to the @sismo-core/sismo-connect-server package
  }}
  onResponseBytes={async (bytes: string) => {
    // Send the response to your contract to verify it
    // thanks to the @sismo-core/sismo-connect-solidity package
  }}
/>
Multiple AuthRequests - code example
// You can also create several auth requests
// in the same button
import { SismoConnectButton, AuthType, SismoConnectClientConfig, SismoConnectResponse } from "@sismo-core/sismo-connect-react";

<SismoConnectButton
  config={config}
  // request multiple proofs of account ownership
  // (here Vault ownership and Twitter account ownership)
  auths={[
    {authType: AuthType.VAULT},
    {authType: AuthType.TWITTER},
  ]}
  onResponse={async (response: SismoConnectResponse) => {
    // Send the response to your server to verify it
    // thanks to the @sismo-core/sismo-connect-server package
  }}
  onResponseBytes={async (bytes: string) => {
    // Send the response to your contract to verify it
    // thanks to the @sismo-core/sismo-connect-solidity package
  }}
/>
Verifying an AuthRequest
Once a user has generated a ZKP on the Data Vault app, your application must verify it. This can be achieved in onchain smart contracts or offchain back ends.
The sismo-connect-server package exposes a SismoConnect variable.
One or multiple AuthRequests can be verified offchain on a back-end server using the sismoConnect.verify() method available on a SismoConnect instance.
If the proof is valid, sismoConnect.verify() returns a result of type SismoConnectVerifiedResult; otherwise it throws an error. result.getUserId() can then be called as shown below to get the userId of the corresponding type.
One AuthRequest - code example
import { SismoConnect, SismoConnectResponse, SismoConnectVerifiedResult, AuthType } from "@sismo-core/sismo-connect-server";

const sismoConnect = SismoConnect({config});

async function verifyResponse(sismoConnectResponse: SismoConnectResponse) {
  // verifies the proofs contained in the sismoConnectResponse
  // with respect to the different auths
  // i.e. the user proves they own a Vault
  const result: SismoConnectVerifiedResult = await sismoConnect.verify(
    sismoConnectResponse,
    {
      // proofs in the sismoConnectResponse should be valid
      // with respect to a Vault ownership
      auth: { authType: AuthType.VAULT },
    }
  );
  // vaultId = hash(userVaultSecret, appId).
  // the vaultId is an app-specific, anonymous identifier of a vault
  const vaultId = result.getUserId(AuthType.VAULT);
}
If you are using Next.js, you will need to add this config in the next.config.js file to be able to verify the proof. You can find more information here.
/** @type {import('next').NextConfig} */
const nextConfig = {
  experimental: {
    serverComponentsExternalPackages: ["@sismo-core/sismo-connect-server"],
  },
};

module.exports = nextConfig;
Multiple AuthRequests - code example
import { SismoConnect, SismoConnectResponse, SismoConnectVerifiedResult, AuthType } from "@sismo-core/sismo-connect-server";

const sismoConnect = SismoConnect({config});

async function verifyResponse(sismoConnectResponse: SismoConnectResponse) {
  // verifies the proofs contained in the sismoConnectResponse
  // with respect to the different auths
  // i.e. the user proves they own a Vault and a Twitter account
  const result: SismoConnectVerifiedResult = await sismoConnect.verify(
    sismoConnectResponse,
    {
      // proofs in the sismoConnectResponse should be valid
      // with respect to a Vault and Twitter account ownership
      auths: [
        { authType: AuthType.VAULT },
        { authType: AuthType.TWITTER }
      ],
    }
  );
  // vaultId = hash(userVaultSecret, appId).
  // the vaultId is an app-specific, anonymous identifier of a vault
  const vaultId = result.getUserId(AuthType.VAULT);
  // you can also get the twitterId of the user
  const twitterId = result.getUserId(AuthType.TWITTER);
}