In-App Wallet - Login with SIWE (#54)

Author: 0xFirekeeper

Thirdweb.Console/Program.cs

@@ -27,33 +27,44 @@
 var walletAddress = await privateKeyWallet.GetAddress();
 Console.WriteLine($"PK Wallet address: {walletAddress}");
 
-var erc20SmartWalletSepolia = await SmartWallet.Create(
-    personalWallet: privateKeyWallet,
-    chainId: 11155111, // sepolia
-    gasless: true,
-    erc20PaymasterAddress: "0xEc87d96E3F324Dcc828750b52994C6DC69C8162b", // deposit paymaster
-    erc20PaymasterToken: "0x94a9D9AC8a22534E3FaCa9F4e7F2E2cf85d5E4C8" // usdc
-);
-var erc20SmartWalletSepoliaAddress = await erc20SmartWalletSepolia.GetAddress();
-Console.WriteLine($"ERC20 Smart Wallet Sepolia address: {erc20SmartWalletSepoliaAddress}");
-
-var selfTransfer = await ThirdwebTransaction.Create(
-    wallet: erc20SmartWalletSepolia,
-    txInput: new ThirdwebTransactionInput() { From = erc20SmartWalletSepoliaAddress, To = erc20SmartWalletSepoliaAddress, },
-    chainId: 11155111
-);
-
-var estimateGas = await ThirdwebTransaction.EstimateGasCosts(selfTransfer);
-Console.WriteLine($"Self transfer gas estimate: {estimateGas.ether}");
-Console.WriteLine("Make sure you have enough USDC!");
-Console.ReadLine();
-
-var receipt = await ThirdwebTransaction.SendAndWaitForTransactionReceipt(selfTransfer);
-Console.WriteLine($"Self transfer receipt: {JsonConvert.SerializeObject(receipt, Formatting.Indented)}");
+var smartWalletSigner = await SmartWallet.Create(personalWallet: privateKeyWallet, chainId: 421614, gasless: true); // because why not
 
-// var chainData = await Utils.FetchThirdwebChainDataAsync(client, 421614);
-// Console.WriteLine($"Chain data: {JsonConvert.SerializeObject(chainData, Formatting.Indented)}");
-Console.WriteLine($"Wallet address: {walletAddress}");
+var inAppWalletSiwe = await InAppWallet.Create(client: client, authProvider: AuthProvider.Siwe);
+if (!await inAppWalletSiwe.IsConnected())
+{
+    _ = await inAppWalletSiwe.LoginWithSiwe(smartWalletSigner, 421614);
+}
+var inAppWalletSiweAddress = await inAppWalletSiwe.GetAddress();
+Console.WriteLine($"InAppWallet Siwe address: {inAppWalletSiweAddress}");
+
+
+// var erc20SmartWalletSepolia = await SmartWallet.Create(
+//     personalWallet: privateKeyWallet,
+//     chainId: 11155111, // sepolia
+//     gasless: true,
+//     erc20PaymasterAddress: "0xEc87d96E3F324Dcc828750b52994C6DC69C8162b", // deposit paymaster
+//     erc20PaymasterToken: "0x94a9D9AC8a22534E3FaCa9F4e7F2E2cf85d5E4C8" // usdc
+// );
+// var erc20SmartWalletSepoliaAddress = await erc20SmartWalletSepolia.GetAddress();
+// Console.WriteLine($"ERC20 Smart Wallet Sepolia address: {erc20SmartWalletSepoliaAddress}");
+
+// var selfTransfer = await ThirdwebTransaction.Create(
+//     wallet: erc20SmartWalletSepolia,
+//     txInput: new ThirdwebTransactionInput() { From = erc20SmartWalletSepoliaAddress, To = erc20SmartWalletSepoliaAddress, },
+//     chainId: 11155111
+// );
+
+// var estimateGas = await ThirdwebTransaction.EstimateGasCosts(selfTransfer);
+// Console.WriteLine($"Self transfer gas estimate: {estimateGas.ether}");
+// Console.WriteLine("Make sure you have enough USDC!");
+// Console.ReadLine();
+
+// var receipt = await ThirdwebTransaction.SendAndWaitForTransactionReceipt(selfTransfer);
+// Console.WriteLine($"Self transfer receipt: {JsonConvert.SerializeObject(receipt, Formatting.Indented)}");
+
+// // var chainData = await Utils.FetchThirdwebChainDataAsync(client, 421614);
+// // Console.WriteLine($"Chain data: {JsonConvert.SerializeObject(chainData, Formatting.Indented)}");
+// Console.WriteLine($"Wallet address: {walletAddress}");
 
 // // Self transfer 0 on chain 842
 // var tx = await ThirdwebTransaction.Create(

Thirdweb/Thirdweb.Wallets/IThirdwebWallet.cs

@@ -162,12 +162,6 @@ public struct LoginPayload
     [Serializable]
     public class LoginPayloadData
     {
-        /// <summary>
-        /// Gets or sets the type of the login payload.
-        /// </summary>
-        [JsonProperty("type")]
-        public string Type { get; set; }
-
         /// <summary>
         /// Gets or sets the domain of the login payload.
         /// </summary>
@@ -237,9 +231,6 @@ public class LoginPayloadData
         /// <summary>
         /// Initializes a new instance of the <see cref="LoginPayloadData"/> class.
         /// </summary>
-        public LoginPayloadData()
-        {
-            Type = "evm";
-        }
+        public LoginPayloadData() { }
     }
 }

Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet.Authentication/Server.cs

@@ -12,7 +12,8 @@ internal abstract class ServerBase
         internal abstract Task<(string authShare, string recoveryShare)> FetchAuthAndRecoverySharesAsync(string authToken);
         internal abstract Task<string> FetchAuthShareAsync(string authToken);
 
-        internal abstract Task<string> FetchHeadlessOauthLoginLinkAsync(string authProvider, string platform);
+        internal abstract Task<LoginPayloadData> FetchSiwePayloadAsync(string address, string chainId);
+        internal abstract Task<Server.VerifyResult> VerifySiweAsync(LoginPayloadData payload, string signature);
 
         internal abstract Task<string> SendEmailOtpAsync(string emailAddress);
         internal abstract Task<Server.VerifyResult> VerifyEmailOtpAsync(string emailAddress, string otp);
@@ -22,6 +23,7 @@ internal abstract class ServerBase
 
         internal abstract Task<Server.VerifyResult> VerifyJwtAsync(string jwtToken);
 
+        internal abstract Task<string> FetchHeadlessOauthLoginLinkAsync(string authProvider, string platform);
         internal abstract Task<Server.VerifyResult> VerifyOAuthAsync(string authResultStr);
 
         internal abstract Task<Server.VerifyResult> VerifyAuthEndpointAsync(string payload);
@@ -142,7 +144,28 @@ private async Task<IdTokenResponse> FetchCognitoIdTokenAsync(string authToken)
             return await DeserializeAsync<IdTokenResponse>(response).ConfigureAwait(false);
         }
 
-        // embedded-wallet/headless-oauth-login-link
+        // login/siwe
+        internal override async Task<LoginPayloadData> FetchSiwePayloadAsync(string address, string chainId)
+        {
+            var uri = MakeUri2024("/login/siwe", new Dictionary<string, string> { { "address", address }, { "chainId", chainId } });
+            var response = await httpClient.GetAsync(uri.ToString()).ConfigureAwait(false);
+            await CheckStatusCodeAsync(response).ConfigureAwait(false);
+
+            return await DeserializeAsync<LoginPayloadData>(response).ConfigureAwait(false);
+        }
+
+        internal override async Task<VerifyResult> VerifySiweAsync(LoginPayloadData payload, string signature)
+        {
+            var uri = MakeUri2024("/login/siwe/callback");
+            var content = MakeHttpContent(new { signature = signature, payload = payload });
+            var response = await httpClient.PostAsync(uri.ToString(), content).ConfigureAwait(false);
+            await CheckStatusCodeAsync(response).ConfigureAwait(false);
+
+            var authResult = await DeserializeAsync<AuthResultType>(response).ConfigureAwait(false);
+            return await InvokeAuthResultLambdaAsync(authResult).ConfigureAwait(false);
+        }
+
+        // login/oauthprovider
         internal override Task<string> FetchHeadlessOauthLoginLinkAsync(string authProvider, string platform)
         {
             return Task.FromResult(MakeUri2024($"/login/{authProvider}", new Dictionary<string, string> { { "clientId", clientId }, { "platform", platform } }).ToString());

Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet/EmbeddedWallet.OAuth.cs

@@ -14,12 +14,5 @@ public async Task<string> FetchHeadlessOauthLoginLinkAsync(string authProvider,
         {
             return await server.FetchHeadlessOauthLoginLinkAsync(authProvider, platform).ConfigureAwait(false);
         }
-
-        public async Task<bool> IsRecoveryCodeNeededAsync(string authResultStr)
-        {
-            var authResult = JsonConvert.DeserializeObject<Server.AuthResultType>(authResultStr);
-            var userWallet = await server.FetchUserDetailsAsync(authResult.StoredToken.AuthDetails.Email, null).ConfigureAwait(false);
-            return userWallet.RecoveryShareManagement == "USER_MANAGED" && !userWallet.IsNewUser && localStorage.Data?.DeviceShare == null;
-        }
     }
 }

Thirdweb/Thirdweb.Wallets/InAppWallet/EmbeddedWallet/EmbeddedWallet.SIWE.cs

@@ -0,0 +1,18 @@
+using System.Numerics;
+
+namespace Thirdweb.EWS
+{
+    internal partial class EmbeddedWallet
+    {
+        public async Task<VerifyResult> SignInWithSiweAsync(IThirdwebWallet signer, BigInteger chainId)
+        {
+            var address = await signer.GetAddress().ConfigureAwait(false);
+            var payload = await server.FetchSiwePayloadAsync(address, chainId.ToString()).ConfigureAwait(false);
+            var payloadMsg = Utils.GenerateSIWE(payload);
+            var signature = await signer.PersonalSign(payloadMsg).ConfigureAwait(false);
+
+            var result = await server.VerifySiweAsync(payload, signature).ConfigureAwait(false);
+            return await PostAuthSetup(result, address, null).ConfigureAwait(false);
+        }
+    }
+}

Thirdweb/Thirdweb.Wallets/InAppWallet/InAppWallet.cs

@@ -1,3 +1,4 @@
+using System.Numerics;
 using System.Web;
 using Nethereum.Signer;
 using Thirdweb.EWS;
@@ -17,7 +18,8 @@ public enum AuthProvider
         AuthEndpoint,
         Discord,
         Farcaster,
-        Telegram
+        Telegram,
+        Siwe
     }
 
     /// <summary>
@@ -72,6 +74,7 @@ public static async Task<InAppWallet> Create(
                 AuthProvider.Discord => "Discord",
                 AuthProvider.Farcaster => "Farcaster",
                 AuthProvider.Telegram => "Telegram",
+                AuthProvider.Siwe => "Siwe",
                 AuthProvider.Default => string.IsNullOrEmpty(email) ? "Phone" : "Email",
                 _ => throw new ArgumentException("Invalid AuthProvider"),
             };
@@ -257,14 +260,56 @@ public Task<string> GetPhoneNumber()
 
         #endregion
 
+        #region SIWE Flow
+
+        /// <summary>
+        /// Logs in with SIWE (Sign-In with Ethereum).
+        /// </summary>
+        /// <param name="signer">The wallet that will be used to sign the SIWE payload</param>
+        /// <param name="chainId">The chain ID to use for signing the SIWE payload</param>
+        /// <returns>A task representing the asynchronous operation. The task result contains the address.</returns>
+        /// <exception cref="ArgumentNullException">Thrown when external wallet is not provided.</exception>
+        /// <exception cref="InvalidOperationException">Thrown when the external wallet is not connected.</exception>
+        /// <exception cref="ArgumentException">Thrown when chain ID is invalid.</exception>
+        public async Task<string> LoginWithSiwe(IThirdwebWallet signer, BigInteger chainId)
+        {
+            if (signer == null)
+            {
+                throw new ArgumentNullException(nameof(signer), "Signer wallet cannot be null.");
+            }
+
+            if (!await signer.IsConnected().ConfigureAwait(false))
+            {
+                throw new InvalidOperationException("Signer wallet must be connected as this operation requires it to sign a message.");
+            }
+
+            if (chainId <= 0)
+            {
+                throw new ArgumentException(nameof(chainId), "Chain ID must be greater than 0.");
+            }
+
+            var res = await _embeddedWallet.SignInWithSiweAsync(signer, chainId);
+
+            if (res.User == null)
+            {
+                throw new Exception("Failed to login with SIWE");
+            }
+
+            _ecKey = new EthECKey(res.User.Account.PrivateKey);
+
+            return await GetAddress();
+        }
+
+        #endregion
+
         #region JWT Flow
 
         /// <summary>
         /// Logs in with a JWT.
         /// </summary>
         /// <param name="jwt">The JWT to use for authentication.</param>
         /// <param name="encryptionKey">The encryption key to use.</param>
-        /// <returns>A task representing the asynchronous operation. The task result contains the login result.</returns>
+        /// <returns>A task representing the asynchronous operation. The task result contains the address.</returns>
         /// <exception cref="ArgumentException">Thrown when JWT or encryption key is not provided.</exception>
         /// <exception cref="Exception">Thrown when the login fails.</exception>
         public async Task<string> LoginWithJWT(string jwt, string encryptionKey)