Today’s login experiences rely on accounts controlled by centralized identity providers, for-profit behemoths like Google, Facebook, and Apple. Identity providers often have sole discretion over the existence and use of users’ digital identities across the web, fundamentally at odds with the best interest of users.
The Ethereum Foundation and Ethereum Name Service (ENS) recently put forward a Request for Proposal for Sign-in with Ethereum, which will allow users to use their Ethereum accounts to access web services instead of accounts owned by large corporations. The Ethereum ecosystem already has tens of millions of monthly active wallet users signing with their cryptographic keys for financial transactions, community governance, and more. The security of these wallets has been proven across billions of dollars of digital assets at stake--not theoretical security, but real tests in production. These secure wallets can also be used to sign in to Web2 services.
We are excited to announce that Spruce’s proposal has been selected as the winner, and we have already begun delivery on the best practices survey, user research, specification draft, and reference implementation. Spruce is an open source software company focused solely on decentralized identity and data, evolving “not your keys, not your crypto” to “not your keys, not your identity.” We build cryptonative tools that help users manage their identity and data across platforms, such as our recent implementation of EIP-712 signing in Rust. We look forward to applying our years of experience in decentralized identity to this work.
We will be working closely with the teams at EF and ENS, ensuring that development will happen in the open, ample consideration is given to existing bodies of related work (existing implementations, EIPs, OpenID, IETF, W3C, etc.), and that the final result will be friendly to implementers while remaining vendor-neutral.
Many forward-looking web services such as OpenSea and Gitcoin already allow users to establish sessions with their Ethereum wallets, achieving low friction and passwordless authentication all at once. By standardizing this workflow, millions of Ethereum users will be able to use a digital identity that they fully control to seamlessly access the web.
If you are interested in being involved, please join our Discord server where most of the discussion will take place. We especially welcome implementers who already have users relying on similar workflows, authors of related EIPs, and wallet vendors who would like to do more to support user-owned identities.