Content
@
0 reply
0 recast
0 reaction
Brian Li ๐๐พ
@bli
Got a question about signatures. If youโre looking to connect a wallet to an account with a signature, what would you use to prevent replay attacks? Farcaster uses the blockHash. OpenSea uses a random cryptographic nonce. Transactions use the nonce of the address. Which is right for linking accounts?
1 reply
0 recast
2 reactions
Greg
@greg
For anything more than a weekend project Iโd probs use the SIWE standard https://login.xyz/ It uses a nonce with an optional expiration timestamp There should be many open source examples of it
1 reply
0 recast
5 reactions
Brian Li ๐๐พ
@bli
Ty! What about if you have a mobile app and a website and you might have a changing domain/bundle identifier that is hard to verify?
2 replies
0 recast
0 reaction