Introducing Sign In With Tezos (SIWT) from StakeNow
A closer look at Sign In With Tezos (SIWT) from the StakeNow team and how it helps support Tezos-based decentralized applications.
Originally published at Tezos Commons News
1,350 words, 7 minute read
If you’ve ever created an account for a subscription based service or platform, you’ve likely encountered the option to sign in with either Google, Facebook, or others.
That said, as blockchain continues to permeate the mainstream culture with new and exciting ways to connect one another digitally, why not enable the same ability to use your Tezos digital wallet as you would with a Google or Facebook account?
That’s essentially what SIWT does for Tezos based DApps. Let’s dive deeper into it and explore some of the motivations from the StakeNow team for its development.
What is Sign-in with Tezos? #
SIWT is a library that supports the development of Tezos-based dApps by simplifying access control for users and developers alike. This is different from wallets like Kukai which enable a DirectAuth feature for signing into your Tezos digital wallet.
SIWT allows for server-side authentication, allowing developers to use your Tezos address for things like private chats, personal services, games, and more. In fact, along with the recent demo of SIWT that was released there is also a discord bot enabling access to specific channels based on their Tezos address.
One can think back to the example posed in the beginning of the article, using your Tezos wallet to the same extent as a Google or Facebook account. Going through the latter method, you’re effectively using a centralized service where your data passes through and can be sold to the highest bidder. This isn’t the case here as the access rules are recorded by a public ledger and account ownership can now be proven without sensitive information ever being transmitted.
Which after all, isn’t that the whole point of your data? To be owned and controlled by you (the end user)?
Heading over to the demo, you have the option to choose mainnet or testnet (ghostnet). After doing that, you can check whether a user holds a certain NFT, XTZ balance, token balance, or an allowlist. For instance, if you want to setup a private room where one of the requirements is the need of a minimum of 1000 XTZ in your wallet, you can set this access requirement and the comparative changes will show in the access control query to the right of the screen.
Additionally, you’re also able to define policies for when a user signs a message verifying their Tezos address in which they will agree to the policies that you have set forth like a short form of terms and conditions and failure to do so will prevent them from using the DApp.
In terms of applications of SIWT, they span quite far. For instance, SIWT could enable a Tezos-based gaming platform to grant access to exclusive content, in-game items, and much more. Another example, is in e-commerce. Integrating SIWT into your e-commerce platform can allow users to access exclusive content or certain items based on the tokens they hold.
The list goes on.
If you’re a developer wishing to implement Tezos wallet access controls for exciting use cases in your DApps, head over to the docs and get started today!
Key Insight from Roy Scheeren #
Roy is head of development for StakeNow, a Tezos Foundation grantee, and public baker on the Tezos network. StakeNow has been actively involved in the Tezos ecosystem developing applications like StakeNow.fi. We sat down with Roy to discuss some of the motivations behind SIWT and the potential applications that can spring up from it.
Can you tell us about the motivation behind creating SIWT?
We’ve been building StakeNow.fi for a while. Eventually, within that app, we wanted to find ways to monetize it. We came up with subscriptions but disregarded them as we didn’t really want to have fiat-powered subscriptions in a web3 environment. It didn’t make a lot of sense.
So, we came up with the idea that we could use NFTs instead as proof of a subscription and a whole lot of functionality could be added to that. Your subscription could be a nice piece of art on Tezos. With that, we entered the Tezos Encode Hackathon last year and won it getting us a bit of traction and feedback on our proof of concept.
We decided to ask the Tezos Foundation for a grant to get it more to where we wanted it. We then expanded it and standardized a few things to the point where if anyone wanted access control on their Tezos dApp, they could use SIWT for setting up any sort of access rules and then validating against that.
Practically speaking, a user will be able to sign into a Tezos dApp using beacon. Then, the developer can choose to use a signer message to prove the key they’re signing in with is owned by that specific user. That is already the first interesting step and we’ve worked at standardizing this process to give a little more trust to the end user that they’re not just signing something random.
What possible use cases can we see now or down line with SIWT?
Airdrops and the prefiltering of users before minting are very much indeed a use case of SIWT. Whether or not you do that by an allowlist, another scenario could be a high-value drop say of 1000 tez each. You could specify if a user does not have 1000 tez in the wallet they’re trying to connect with they will be “bounced” and unable to make it to the minting page. So, that can already help filter out a bunch of traffic there and make the minting process nicer.
We also have a discord bot where you could use SIWT to give your users access to specific channels based on these types of requirements. This is similar to how Guild.xyz works on Ethereum. In our case, you will have to set up this bot on your own.
There is still a lot of upside in recurring subscriptions or selling Tezos tickets. Essentially, giving someone the opportunity to do a certain action at a certain time. So, if someone were to buy a certain number of tickets then SIWT could be used to check and see if there are any tickets left. We’re also in the process of writing a couple of smart contracts that would facilitate the use of NFTs as subscriptions in what we think is an ideal way.
If you take it even further, you could also see this used for event entrances. Instead of buying a ticket on Ticketmaster, you could get an NFT sent to your wallet and use that NFT to get access to an event for instance. What could be even cooler is as soon as you sign in with your wallet into that event, some of the sponsors can then send you a number of tickets to allow you to claim some stuff at the booth as we witnessed at Tez Dev last year. All of these things could be built on top of this basic framework.
Another thing we’re looking into is a decentralized identity. So, if you connected to a wallet with certain decentralized ID available, SIWT would be able to check the requirements on your ID. Instead of having an NFT to log in, you would have a verifiable credential to log in to certain sites or events. That would be able to happen on-chain as well instead of a proprietary database.
Looking Forward #
As Tezos continues to evolve, so do the applications and tools around the ecosystem. With SIWT, Tezos based developers will now have the ability to enable new and exciting use cases for their users in their dApps. From educational platforms, NFT marketplaces, e-commerce, and more. The potential applications of simplifying access control are vast and many. What are you waiting for? Head over to the documentation and get started today!