Sign-In with Ethereum - Rust Library Release

As mentioned in our previous update, we are currently working on additional language support in order to help bolster the adoption of Sign-In with Ethereum across any application. We're happy to announce the alpha release of our Rust library.

Sign-In with Ethereum - Rust Library Release

As mentioned in our previous update, we are currently working on additional language support in order to help bolster the adoption of Sign-In with Ethereum across any application. We're happy to announce the alpha release of our Rust library:

GitHub - spruceid/siwe-rs: A Rust implementation of EIP-4361 Sign In With Ethereum verification
A Rust implementation of EIP-4361 Sign In With Ethereum verification - GitHub - spruceid/siwe-rs: A Rust implementation of EIP-4361 Sign In With Ethereum verification

Sign-In with Ethereum can now be found and used as a crate, and easily installed in any Rust project by including it in the cargo.toml file as siwe = "0.1.2".

The repository has been dual-licensed under Apache-2.0 and MIT, making it as flexible and simple as possible for developers to use in their projects.


Using the Library

SIWE exposes a Message struct which implements EIP-4361.

Parsing a SIWE Message

Parsing is done via the Message implementation of FromStr:

let message: Message = string_message.parse()?;

Verifying and Authenticating a SIWE Message

Verification and Authentication is performed via EIP-191, using the address field of the Message as the expected signer. This returns the Ethereum public key of the signer:

let signer: Vec<u8> = message.verify_eip191(&signature)?;

The time constraints (expiry and not-before) can also be validated, at current or particular times:

if message.valid_now() { ... }; 

// equivalent to
if message.valid_at(&Utc::now()) { ... };

Combined verification of time constraints and authentication can be done in a single call with verify:

let signer: Vec<u8> = message.verify(&signature)?;

Serialization of a SIWE Message

Message instances can also be serialized as their EIP-4361 string representations via the Display implementation of Message:

println!("{}", &message);

As well as in EIP-191 Personal-Signature pre-hash signing input form (if your Ethereum wallet does not support EIP-191 directly):

let eip191_string: String = message.eip191_string()?;

And directly as the EIP-191 Personal-Signature Hashed signing-input (made over the .eip191_string output):

let eip191_hash: [u8; 32] = message.eip191_hash()?;

As Spruce, we are currently building out the functionality of our own software with this Rust library. The workflow we're building utilizes Sign-In with Ethereum to authenticate with Kepler for decentralized storage, all while leveraging session keys (with the delegation happening via the signing). We hope to announce more about this in the near future!

Maturity disclaimer: Our Rust library for Sign-In with Ethereum has not yet undergone a formal security audit. We welcome continued feedback on the usability, architecture, and security of this implementation.


If you're interested in integrating Sign-In with Ethereum into your dapp, app, or service, we are more than happy to help and provide any support we can. As we continue our work supporting Sign-In with Ethereum, we especially welcome implementers who already have users relying on similar workflows, authors of related EIPs, and wallet vendors who would like to do more to support user-owned identities to join us.

If you are interested in being involved, please join our Discord server: