Phantom materializes ‘sign in with Solana’ wallet authentication

Phantom said it collaborated with Solana Labs to make the method compatible with Solana’s wallet standard, while also providing support for others within the ecosystem

article-image

Skorzewiak/Shutterstock, modified by Blockworks

share

Wallet service provider Phantom said Monday it has introduced a new feature allowing applications to authenticate users using a Solana address.

The introduction of Sign In With Solana (SIWS) is intended to improve the user experience and security by streamlining the traditional “connect” and “signMessage” flow into a single-click “signIn” method.

Traditionally, the connect function enables a user’s digital wallet to interact with an application, while “signMessage” allows the user to cryptographically verify their identity.

The message lacks human-readable information, which can sometimes lead to new and seasoned users agreeing to malicious prompts.

Even in cases when connecting a wallet to trusted applications, unexpected pop-up signatures can often confuse or frighten new users, Phantom said in a statement. This, in turn, can often be a major hurdle for new entrants, it said.

The one-click sign-in method, available as of Phantom version 23.11, allows Solana developers to prompt users to connect and sign a standardized authentication message and prove ownership of their addresses.

Designed as a drop-in replacement for the previous two-step authentication flow, the sign-in method also provides developers with a robust API for creating standardized authentication messages, Phantom said.

The responsibility for message construction shifts from applications to the wallet, allowing Phantom to scrutinize elements such as the site’s domain or the time of message issuance to ensure legitimacy.

It is unclear whether there could be fresh privacy concerns associated with the shift of responsibility in message construction. Blockworks has reached out to Phantom for comment.

In some instances, that construction may help slow or hinder the progress of malicious actors. That could help prevent instances like last year’s breach, when a coding error allowed hackers to easily find and use client passwords, leading to a breach in both Slope and Phantom wallets.

Private keys associated with the impacted wallets were either leaked or compromised, and these keys were then utilized to authorize fraudulent transactions, according to reports at the time.

The sign-in feature released on Monday makes authentication more consistent and allows Phantom to check for suspicious activity, its developers said.

Ethereum dapps similarly can facilitate a “sign in with Ethereum” feature using Ethereum Name Service (ENS), as part of a push for decentralized identity services.


Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Salt Lake City, UT

MON - TUES, OCT. 7 - 8, 2023

Blockworks and Bankless in collaboration with buidlbox are excited to announce the second installment of the Permissionless Hackathon – taking place October 7-8 in Salt Lake City, Utah. We’ve partnered with buidlbox to bring together the brightest minds in crypto for […]

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Research Report Cover Vertex.jpg

Research

The proliferation of new perp DEXs has led to fragmented liquidity across various DEXs and chains. Vertex, known for its vertically-integrated DEX that includes spot, perpetual, and integrated money markets, is now tackling cross-chain liquidity fragmentation through horizontal integration with the launch of new Edge instances. Vertex's integrated offerings and cross-margined account structure amplify the benefits of new instances: native cross-chain spot trading, optimized cross-chain basis trading, consistent interest rates, reduced bridging friction, and more.

article-image

Partnering with EtherFi and Angle, the fully on-chain perp DEX features bespoke collateral

article-image

Sponsored

Gavin Wood introduced the next evolutionary step for the Polkadot network: the Join-Accumulate Machine, or JAM

article-image

The side events were the places to be at Consensus 2024, according to attendees

article-image

Also, who’s come out swinging in the spot ether ETF fee war — and who could undercut them

article-image

I know it is not in their nature, but US regulators could learn a lot by researching the digital asset frameworks that overseas regulators have already gotten right

article-image

Also, the ETF hype train can count out at least one member