Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[bug] Invalid signature when using smart accounts with SIWE #3260

Open
kenjicncr opened this issue Nov 19, 2024 · 4 comments
Open

[bug] Invalid signature when using smart accounts with SIWE #3260

kenjicncr opened this issue Nov 19, 2024 · 4 comments
Labels
bug Something isn't working needs review

Comments

@kenjicncr
Copy link

Link to minimal reproducible example

https://github.com/reown-com/web-examples/tree/main/dapps/appkit-siwe

Summary

Description

When attempting to sign in with a smart account using Sign-In with Ethereum (SIWE), the signature verification is failing despite the signature being correctly formatted and coming from a valid smart account.

Since email sign-ups default to smart accounts, this make them unuseable for verifcation

Current Behavior

  • Smart account signature verification fails with "Invalid signature" error
  • The signature is properly formatted and starts with 0x
  • Using @reown/appkit-siwe for verification

Expected Behavior

  • Smart account signatures should be properly verified
  • Authentication should succeed with valid smart account signatures

Reproduction Steps

  1. Set up Next.js app with @reown/appkit-siwe
  2. Configure NextAuth with SIWE
  3. Attempt to sign in with a smart account
  4. Observe signature verification failure

Example Signature

0x0000000000000000000000004e1dcf7ad4e460cfd30791ccc4f9c8a4f820ec67000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000003c000000000000000000000000000000000000000000000000000000000000003241688f0b900000000000000000000000041675c099f32341bf84bfc5382af534df5c7461a0000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000007a6733696a79300000000000000000000000000000000000000000000000000000000000000000000284b63e800d...

Environment

  • Next.js App Router
  • @reown/appkit-siwe: latest
  • next-auth: latest

Additional Context

The signature format indicates this is coming from a smart account rather than an EOA wallet. The verification process needs to handle smart account signatures differently from regular EOA signatures.

List of related npm package versions

@reown/appkit-siwe: latest
next-auth: latest

@kenjicncr kenjicncr added bug Something isn't working needs review labels Nov 19, 2024
@elix1er
Copy link

elix1er commented Nov 19, 2024

got the same. drove me nuts. wait for appkit // siwe v1.5.0 release bump soon, fixes been FINALLY merged. 🚀

@elix1er
Copy link

elix1er commented Nov 19, 2024

@magiziz ETA public release ?

@kenjicncr
Copy link
Author

@elix1er thanks glad i'm not the only one.

for some reason, one click sign w/ solana stopped working as well. the modal just stopped showing anymore

@elix1er
Copy link

elix1er commented Nov 27, 2024

pull the latest now. or @canary.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working needs review
Projects
None yet
Development

No branches or pull requests

2 participants