Spruce Developer Update #13

At Spruce, we’re building the most secure and convenient developer tools to share authentic data. Here’s the latest from our development efforts!

Spruce Developer Update #13

At Spruce, we’re building the most secure and convenient developer tools to share authentic data. Here’s the latest from our development efforts:

with Ethereum

Sign-In with Ethereum is a new form of authentication that enables users to control their digital identity with their Ethereum account and ENS profile instead of relying on a traditional intermediary.

  • We have now publicly released login.xyz, which will serve as a homepage for the latest updates on Sign-In with Ethereum. Currently the latest specification, community call recordings and minutes, research, and supporters list are all available.
  • The draft specification of Sign-In with Ethereum is now available as an EIP (#4361). EIP-4361 defines how Ethereum accounts authenticate with off-chain services by signing a standard message format parameterized by scope, session details, and security mechanisms (e.g., a nonce). This specification is still currently undergoing review and is open for community feedback.
  • As we continue to work on Sign-In with Ethereum, part of our research necessitated an investigation into previous EIPs that sought to standardize the way decentralized identity is managed using Ethereum, as well as different ways of signing data. We recently released a blog post detailing that research.
  • We have now conducted over 25 interviews with dapps, wallets, developers, researchers, and more, spanning both the Web2 and Web3 ecosystems. This research is continually helping to shape Sign-In with Ethereum to ensure the greatest amount of both adoption and usability.
  • We have been hosting recurring community calls in order to encourage community participation and feedback as we create the specification and reference implementation. Call topics include but aren't limited to development progress, feedback, adoption paths for existing companies, privacy considerations, and more.


Kepler is a decentralized storage network organized around data overlays called Orbits. Kepler allows users to Securely share their digital credentials, private files, and sensitive media to blockchain accounts, all using your Web3 wallet.

  • Merged preliminary support for IPFS relay gateway to expose only one port publicly across many IPFS instances in the same daemon (kepler #57).
  • Merged support for delegated authorization and access control using blockchain accounts (kepler #54).
  • Merged support for session keys on the Kepler SDK, based on capabilities delegation to enable smooth UX that doesn't prompt the user for every menial action (kepler #28).
  • Implemented initial support for S3-interface compatible object storage on Kepler and Kepler SDK using IPLD for paths (kepler #29), (kepler #61).
  • Merged support for Orbit Manifests stored on Tezos (kepler #48).
  • Began work on Orbit Manifests stored on EVM-compatible chains and Ceramic Documents.


SpruceID is a decentralized identity toolkit that provides everything you need for signing, sharing, and verifying trusted information.


  • Implemented Verifiable Credential status checking with Revocation List 2020 (ssi#273).
  • Added initial library support for BBS cryptography (ssi#270).
  • Added initial support for BLS 12381 G2 key in did:key implementation (ssi#276)
  • Improved code formatting (ssi#284).
  • Support publicKeyHex, for legacy purposes (ssi#289).
  • Support conversion to publicKeyJwk for EcdsaSecp256k1VerificationKey2019 (ssi#290).
  • Following CAIP-30 for Solana blockchainAccountId (ssi#282).
  • Add additional checks for verification method at credential issuance time (ssi #253).
  • Update to use json-ld crate v0.4; various JSON-LD improvements (ssi#291).
  • Published to crates.io: ssi-contexts v0.1.1 (ssi#292), ssi v0.3.0 (ssi#296), did-pkh v0.1.0, did-tz v0.1.1, did-ethr v0.1.0, did-web v0.1.1, did-onion v0.1.1, did-method-key v0.1.2, did-webkey v0.1.0 (ssi#298), didkit v0.3.0 (didkit#216), didkit-cli v0.1.1 and didkit-http v0.1.1 (didkit#219).
  • Fixed string prefix bug (ssi#299).
  • Fixed EIP-712 type string parsing (ssi#302).
  • Use CAIP-10 in did:pkh (ssi#286).
  • Allow JWT VC with single-element credentialSubject array (ssi#313).
  • Update ZCAP-LD implementation for WASM (didkit#190).
  • Automated periodic testing of DIDKit installation (didkit#199).
  • Add DID Resolver Override (-R) option (didkit#209)
  • Remove ASM.js due to lack of use cases (didkit#205).
  • Disable did:sol implementation until can be brought into compliance with the registered spec (didkit#216).
  • Discovered and fixed a bug in a verifiable credential in VC (HTTP) API Test Suite (w3c-ccg/vc-http-api-test-suite#3).
  • Clarify the use of DIDKit via PyPI (didkit#200).
  • Various other minor bug fixes and improvements.

Rebase & Tezos Profiles

  • We're currently finalizing a complete refactor of Tezos Profiles' tested workflows into a library that will be able to work with any supported blockchain in DIDKit before its initial release to NPM (tzprofiles #160).

Spruce lets users control their data across the web. Through SpruceID and Kepler, Spruce provides an ecosystem of open source tools for developers that let users collect their data in one place that they control, and show their cards however they want. If you're curious about integrating Spruce's technology into your project, come chat with us in our Discord: