SpruceID Developer Update #34

At SpruceID, we’re letting users control their identity and data across the web. Here’s the latest from our development efforts across our libraries.

SpruceID Developer Update #34

In case you missed it, check out our previous update here:

Spruce Developer Update #33
At Spruce, we’re letting users control their identity and data across the web. Here’s the latest from our development efforts across our libraries.

At SpruceID, we’re letting users control their identity and data across the web. Here’s the latest from our development efforts:


Last month we announced SpruceKit, a collection of libraries that power your application to accept digital credentials from users on their terms, originate trusted information for users, and interact with user data vaults. SpruceKit consists of the following open-source libraries:

  • SSX
  • Sign-in with Ethereum
  • DIDKit
  • TreeLDR
  • SpruceKit also provides access to Kepler and Rebase


SSX (Self-Sovereign Anything) is the easiest way to integrate Sign-In with Ethereum, enable DAO logins, resolve ENS names, and more. It is the go-to library for developers in Web3 to get started with decentralized identity.

  • Upgraded documentation: With the release of SpruceKit, our documentation has been updated to include all SpruceKit libraries and can now be found at: https://www.sprucekit.dev/. The previous version of our documentation can be found at: https://v1.ssx.id/.
  • Reworked architecture and released SSX 2.0 (#146): This month, we reworked the library architecture of SSX. The previous functions of SSX have been moved into a new module named UserAuthorization that is responsible for end-user signing-related operations. A new storage module was added, which provides functionality to store and retrieve data in Kepler. Check out the SSX v2.x Docs.
  • Enabled customizability: @spruceid/ssx-react no longer depends on wagmi. Instead, function hooks must be defined and used as arguments to the component.
    onChangeAccount is replaced by watchProvider property, allowing for more customizability
    web3Provider.providerLoaded property was removed
    useSSX now returns the ssx instance and the provider
    Now watchProvider is the new interface for listening to provider changes. You must set up this function to be called whenever an interaction with the user happens. An example of how to do it can be found here
  • Credential modules (#150): We’ve added Credential Modules, which allow you to fetch credentials issued on SpruceKit Credential Issuer. Our Credential Issuer, Quest, can now be used as a faucet for credentials.
  • Sprouts Example Apps: Last month we released the Sprouts, SpruceKit example apps. These apps recreate popular consumer experiences with decentralized identity baked into the user experience. Check out SpruceKit open-source libraries in action with our three demo apps:
Introducing the Sprouts: SpruceKit Example Apps
We’re excited to release three new reference apps, the Sprouts, that demonstrate how you can leverage the SpruceKit open source libraries to introduce decentralized identity in the next app you build.

with Ethereum

Sign-In with Ethereum is a new form of authentication that enables users to control their digital identity with their Ethereum account and ENS profile instead of relying on a traditional intermediary.

  • SIWE 2.1.4 released: Includes support to ethers@6 alongside with ethers@5 and raises minimum version to 5.6.8 due to relevant security fix (), and setup for Node 18 and updates CI ()
  • SIWE-oidc migrated to WalletConnect v2(siwe-oidc#68).
  • Improved examples and documentation for siwe-rs:(siwe-rs#53)


Kepler is a decentralized storage network organized around data overlays called Orbits. Kepler allows users to Securely share their digital credentials, private files, and sensitive media to blockchain accounts, all using your Web3 wallet.

  • Host key derivation from static secret: moves host key management into the OrbitDatabase in kepler-core via the Secrets trait and provides an implementation of the trait based on simple per-orbit derivation from a static secret (#146)
  • did:key for peer IDs: Currently peers are represented in delegations by URIs of the form peer:<PEER-ID>, which is neither a proper URI or a DID. We have recently added a way to get a did:key DID to identify hosts (#151)


DIDKit provides Verifiable Credential and Decentralized Identifier functionality across different platforms. DIDKit's core libraries are written in Rust due to Rust's expressive type system, memory safety, simple dependency web, and suitability across different platforms including embedded systems, but the comprehensive DIDKit SDK includes many libraries and interfaces for using it almost everywhere.

  • Fixed key retrieval: We’ve fixed keys retrieval for verifiable credentials HTTP API issuance (didkit#362)
  • Major refactor: A major refactor is underway to integrate with TreeLDR and improve our implementation of the various Verifiable Credentials and Decentralized ID specifications (ssi#508)
  • Port support for did:web: we’ve added support for did:web with a port in SSI (ssi#519)

About SpruceID: SpruceID is building a future where users control their identity and data across all digital interactions. If you're curious about integrating SpruceID's technology into your project, come chat with us in our Discord.