Skip to main content

Authentication

The Shiba CAS and Shiba EOA SDK are foundational services designed to streamline authentication and user onboarding within the Shib ecosystem. These tools address key challenges in Web3 development by offering secure, user-friendly methods to verify wallet ownership, authenticate users, and facilitate seamless wallet interactions.

By leveraging cryptographic verification, JWT-based authentication, and compatibility with industry standards like EIP, they provide developers with a comprehensive toolkit to enhance the security and user experience of decentralized applications (DApps). Together, these services support the creation of a more accessible, trust-driven ecosystem that bridges Web2 simplicity with Web3's advanced infrastructure.

Shib CAS

The Shib CAS (Central Authentication Service) provides a robust framework for verifying wallet ownership and Shib Identity, enabling secure, seamless interactions across the Shib ecosystem. By leveraging cryptographic verification with ECRecover, the CAS ensures that each address is authenticated, generating a JSON Web Token (JWT) for secure, tokenized interactions. With an accompanying JWKS (JSON Web Key Set) endpoint for JWT verification and a lightweight client-side SDK, this service ensures developers can integrate secure authentication into dapps with ease.

Key Features of Shib CAS

Address Ownership Verification with ECrecover

  • Cryptographic Proof: Uses ECrecover to validate that a wallet address truly belongs to the signing entity.
  • Secure Authentication: Ensures that only the rightful owner can perform actions associated with the address.

Shib Identity Verification

  • Integrated Shib Identity: Checks the wallet’s Shib DID to validate user profiles and on-chain reputation.
  • Enhanced Trust: Combines address authentication with Shib-specific identifiers to build a trusted ecosystem.

JWT Generation

  • Tokenized Authentication: Once verified, the service generates a JWT for the address, enabling secure, token-based interactions.
  • Short-lived Tokens: Tokens have configurable expiration times, ensuring secure and session-bound authentication.

JWKS Endpoint for Verification

  • Standardized JWT Validation: The CAS provides a JWKS endpoint, allowing developers to validate JWTs directly in their DApps.
  • Public Key Distribution: Securely shares public keys used for signing tokens, ensuring efficient and trusted validation workflows.

Lightweight Client-Side SDK

Comprehensive Authentication Flow

  • Wallet Signature Requests: Initiates the authentication flow by prompting the user to sign a challenge using their wallet.
  • Server Interaction: Automatically interfaces with the CAS service to verify the signature and fetch the JWT.

Ease of Integration

  • Plug-and-Play: Simplified SDK allows developers to integrate wallet authentication into their applications with minimal effort.
  • API-First Design: Built with flexibility, enabling support for a wide range of use cases across DApps.

Potential Applications

Secure DApp Access

  • Use JWTs to authenticate users across ShibaSwap, Shib Games, and other Shib DApps without repeatedly requiring wallet signatures.

Decentralised Identity (DID)

  • Leverage JWTs as secure tokens representing a user’s verified Shib Identity for use in DAOs, reputation systems, and DeFi platforms.

Gaming and Metaverse

  • Authenticate users in gaming platforms like Shiba Eternity, ensuring secure and unique identity verification for player accounts.

DAO Governance

  • Ensure only authenticated addresses with verified Shib DID participate in governance, voting, and treasury management.

Advantages

Security

  • Ensures the rightful ownership of wallets through cryptographic verification.
  • JWTs provide a secure, tokenized approach to authentication, reducing risks of session hijacking or impersonation.

Developer-Friendly

  • The client-side SDK simplifies integration, reducing time-to-market for DApp developers.
  • The JWKS endpoint ensures smooth JWT validation workflows across applications.

Interoperability

  • Fully compatible with Ethereum standards, making it usable across Shibarium and other Ethereum-based ecosystems.

SDK for Integration

The SDK for the CAS i.e. CAS-SDK is already published and can be used for integrating DApp Frontends to the corresponding CAS service and JWT flows (decode, verify etc).

Benefits for Developers and Users

  • For Developers: Simplifies authentication workflows and reduces reliance on repetitive wallet signature requests.
  • For Users: Streamlined and secure login experiences across the Shib ecosystem.

The Shib CAS Service and SDK provides a foundational layer for secure, user-friendly wallet authentication and Shib Identity verification, ensuring trust and efficiency in Web3 interactions. By combining cryptographic standards with an intuitive SDK, the CAS empowers developers to build secure, scalable applications while enhancing user experiences.

Shiba EOA SDK

The Shib EOA SDK is a robust, secure solution that bridges the gap between Web2 and Web3, enabling users to interact seamlessly with EOA wallets using familiar login methods such as Google, Discord, and Email, or through popular Web3 wallet integrations like MetaMask and Rainbow Wallet.

The SDK offers two user models: Web3Auth and WAGMI, providing flexibility for diverse user preferences while ensuring security and a non-custodial approach through Threshold MPC (Multi-Party Computation) Key Management Systems (KMS). This user-friendly framework simplifies wallet onboarding and interaction, driving accessibility in the Shib ecosystem.

Dual-Mode User Onboarding

Web3Auth Integration

  • Threshold MPC KMS: Utilizes Multi-Party Computation for secure key generation and management.
    • Social logins (e.g., Google, Discord, Email) generate cryptographic shares.
    • Shares are distributed across client devices and other secure Web3Auth Nodes, ensuring a non-custodial and highly secure setup.
    • Backup options include passwords, seed phrases, or authenticators.
  • Non-custodial Security: Several of the critical cryptographic shares remain client-side, ensuring that users maintain control of their private keys.

WAGMI Interface

  • Web3 Wallet Support: Connects directly to leading Web3 wallets like MetaMask, Rainbow Wallet, and WalletConnect.
  • Seamless DApp Integration: Leverages WAGMI’s comprehensive API for effortless interaction with decentralised applications.

Social Login-Driven Wallets (Web3Auth)

  • Ease of Access: Users can create or access wallets using familiar credentials (e.g., Gmail, Discord, etc.), dramatically reducing friction for onboarding new users. This flow is also used to login users with Shib Ecosystem’s Web2 Applications like ShibMagazine.
  • MPC-based Seed Management: Keys are split into secure shares, with several stored client-side and remaining distributed across MPC nodes.
  • Recovery Options: Supports multiple recovery methods, ensuring accessibility without compromising security. The solution even provides different levels of security based on the number of extra shares generated.
  • Efficient UX: Users who prefer full control over their wallets can directly interact with EOA wallets through the SDK.

Direct Wallet Connections (WAGMI)

  • Supported Wallets: Connects seamlessly with MetaMask, Rainbow Wallet and other WalletConnect-compatible wallets.
  • DApp Compatibility: Fully interoperable with Shib DApps like ShibaSwap, Shib Eternity, and DAO interfaces, ensuring a consistent user experience.

Key Features of Shib EOA SDK

Security

  • Threshold MPC KMS: Keeps private keys safe while ensuring they remain accessible to users only.
  • Non-Custodial: No centralized entity can access user funds or private keys.

User Experience

  • Simplified Onboarding: Social login-based wallet creation lowers entry barriers for Web2 users entering the Shib ecosystem.
  • Cross-Platform Support: Works across Web2 login methods and Web3 wallet standards.

Flexibility

  • Two User Models: Supports both Web2-friendly social logins and Web3-native wallet connections.
  • Customisable Integration: Easily adaptable for various Shib ecosystem applications, including DeFi, gaming, and DAOs.

UI Components

  • The SDK contains UI components like the Login/Logout Modal, Password/Passphrase Creation Modal, Authenticator setup etc to facilitate seamless DApp integration.
  • It even provides some UI components for the Signer interface is exposes.

Potential Applications

  • EOA Wallet: Allows users to seamlessly interact with Shib Ecosystem DApps by enabling quick wallet creation and the corresponding Signer interfaces.
  • Login: Simplifies user access to Shiba Web2 Applications like the Magazine which need an efficient login mechanism with a user EOA in the background.

Interoperability and Accessibility

  • Cross-Ecosystem Compatibility: Fully compatible with EIP standards and Shib Ecosystem DApps.
  • Interfacing with other SDKs: Provided Signer and Provider Interfaces used by several other Shib SDKs like Identity, AA, PDS and Data-Registry.
  • Low Barrier to Entry: Combines Web2 simplicity with Web3 flexibility, catering to users of all technical backgrounds.

SDK for Integration

The Shib EOA SDK is already published and can be used for integrating DApp Frontends to the corresponding Signer, Wallet-connect and Web3Auth Functionality and Share Backup Services.

The Shib EOA SDK bridges the gap between user-friendly Web2 solutions and secure Web3 infrastructure, empowering the Shib ecosystem to attract and retain a diverse user base while maintaining robust security and flexibility.