Sign-In with Ethereum
This crate provides a pure Rust implementation of EIP-4361: Sign In With Ethereum.
Installation
SIWE can be easily installed in any Rust project by including it in said project's cargo.toml file:
= "0.4"
Usage
SIWE exposes a Message struct which implements EIP-4361.
Parsing a SIWE Message
Parsing is done via the Message implementation of FromStr:
let message: Message = string_message.parse?;
Verifying and Authenticating a SIWE Message
Verification and Authentication is performed via EIP-191, using the address field of the Message as the expected signer. This returns the Ethereum public key of the signer:
let signer: = message.verify_eip191?;
The time constraints (expiry and not-before) can also be validated, at current or particular times:
if message.valid_now ;
// equivalent to
if message.valid_at ;
Combined verification of time constraints and authentication can be done in a single call with verify:
let signer: = message.verify?;
Serialization of a SIWE Message
Message instances can also be serialized as their EIP-4361 string representations via the Display implementation of Message:
println!;
As well as in EIP-191 Personal-Signature pre-hash signing input form (if your Ethereum wallet does not support EIP-191 directly):
let eip191_string: String = message.eip191_string?;
And directly as the EIP-191 Personal-Signature Hashed signing-input (made over the .eip191_string output):
let eip191_hash: = message.eip191_hash?;
Example
Parsing and verifying a Message is easy:
let message: Message = str.parse?;
let signature: ;
if let Err = message.verify
// do application-specific things
Disclaimer
Our Rust library for Sign-In with Ethereum has not yet undergone a formal security audit. We welcome continued feedback on the usability, architecture, and security of this implementation.