Welcome to the Solana Auth Specification repository. This document serves as the base working document to sketch out what we want to build before starting development.
Solana Auth aims to provide a robust, open-source authentication solution with first-party support for Solana. This specification outlines the core features for the first iteration of the Solana Auth library.
The goal is to provide an easy-to-use, secure, and flexible package that can be integrated into any application or service that requires users to authenticate with their Solana wallets.
At this point in time we will focus on formalizing existing best practices and standards instead of creating a new authentication protocol from scratch.
Authenticate users using SIWS, currently supported by the browser extensions Backpack and Phantom.
Example Use Case: A web application that requires users to authenticate using their Solana wallets.
Authenticate users by signing a message using their Solana wallet. This method is suitable for browser extensions that don't support SIWS (like Solflare and others). It is also suitable for command-line applications and scripts, APIs or AI agents that require a secure way to verify their identity.
Example Use Case: A command-line tool that needs to authenticate users securely.
Authenticate users by signing a transaction using their Solana wallet. This method is suitable for browser extensions in combination with a Ledger wallet. In this flow, the transaction is signed but not sent to the network.
Example Use Case: A web application that uses Ledger wallets for secure transactions.
Authenticate users by signing an offchain message using the Solana cli.
Example Use Case: A script that needs to authenticate users offchain, without relying on a browser extension.
This list is not exhaustive and is subject to change.
- Create specification.
- Setup repository and basic document structure.
- Specify features.
- Specify api for the library based on the features.
- Create prototype to verify the specification.
- Quick and dirty prototype of the library.
- Example application that consumes the library.
- Spec out initial implementation.
- Create detailed specification for the library, test, docs and examples.
- Implement the library according to the specification.
- Create the demo applications.
- Write documentation.
- Get in tough with us on Telegram or X to discuss your ideas.
- Use pull requests (PRs) to propose changes to this spec.
This document is a work in progress. Please feel free to open pull requests (PRs) to propose changes and improvements.