DeroAuth

Sign in with your
DERO wallet

No email. No password. Just a cryptographic proof of wallet ownership. Privacy-preserving authentication that never exposes your transaction history.

Get Started View Source

See it in action

The full authentication flow — from wallet connection to JWT session — in under 10 seconds.

DeroAuth — Wallet Authentication

No email. No password. Just your wallet.

Features

Built for privacy

Unlike Ethereum auth, authenticating with DERO doesn't expose your transaction history.

Schnorr on BN256

Pure TypeScript signature verification using @noble/curves. No wallet needed server-side — just math.

JWT Sessions

Standard token-based sessions with 24-hour expiry. Compatible with any session middleware.

Domain-Bound Challenges

SIWE-style messages tied to your domain with nonce-based replay protection. 5-minute expiry.

Zero Personal Data

No email, no password, no name. Just a cryptographic address that reveals nothing about on-chain activity.

XSWD Protocol

WebSocket connection to DERO wallets (Engram, CLI). No browser extension required.

Redis-Ready

Atomic nonce consumption with Lua scripts for distributed deployments. In-memory for dev.

A few lines of code

Drop-in React component and Next.js API handlers. Production-ready out of the box.

auth-example.tsx

import { SignInWithDero } from "dero-auth/react";
import { createAuthHandlers } from "dero-auth/next";

// React: Drop-in button
export function LoginPage() {
  return (
    <SignInWithDero
      onSuccess={(session) => {
        console.log("Wallet:", session.address);
        console.log("JWT:", session.token);
      }}
    />
  );
}

// Next.js: API route handlers
export const { GET, POST } = createAuthHandlers({
  jwtSecret: process.env.JWT_SECRET!,
  domain: "myapp.com",
});

Sign in with yourDERO wallet