Skip to main content

EVM Wallet Authentication

This section covers EVM wallet-based authentication operations available in the GraphQL Main API. The API supports authentication using Ethereum and other EVM-compatible blockchain wallets, allowing users to sign messages to prove ownership of their wallets.

Mutations​

generateEvmWalletAuthMessage​

Generate a message that needs to be signed by the EVM wallet for authentication.

mutation GenerateEvmWalletAuthMessage(
  $input: GenerateEvmWalletAuthMessageInput!
) {
  generateEvmWalletAuthMessage(input: $input)
}

Input:

input GenerateEvmWalletAuthMessageInput {
  address: String!         // The EVM wallet address for authentication
  fingerprint: String!     // Device fingerprint for additional security
  type: String            // Optional type parameter for specific wallet authentication flow
  evmChainName: String    // Optional name of the EVM chain (Ethereum, Polygon, etc.)
}

Returns:

  • String: A message that should be signed by the EVM wallet

Example Input:

mutation {
  generateEvmWalletAuthMessage(
    input: {
      address: "0x71C7656EC7ab88b098defB751B7401B5f6d8976F"
      fingerprint: "device-fingerprint-123"
      evmChainName: "ETH"
    }
  )
}

Example Output:

{
  "data": {
    "generateEvmWalletAuthMessage": "Welcome to BlockBet! Please sign this message to verify your wallet ownership. Nonce: 12345678. Time: 2023-12-25T12:34:56Z"
  }
}

linkEvmWallet​

Link an EVM wallet to an existing user account.

mutation LinkEvmWallet($input: LinkEvmWalletInput!) {
  linkEvmWallet(input: $input) {
    id
    username
    email
    # other user fields
  }
}

Input:

input LinkEvmWalletInput {
  address: String!        // The EVM wallet address to link
  signature: String!      // The signature proving ownership of the wallet
  evmChainName: String!   // The name of the EVM chain (Ethereum, Polygon, etc.)
}

Returns:

  • UserModel: The updated user object after linking the EVM wallet

Example Input:

mutation {
  linkEvmWallet(
    input: {
      address: "0x71C7656EC7ab88b098defB751B7401B5f6d8976F"
      signature: "0x4d3af44ca28df2f6a93a467366207f05cdb79d1f87933fa18f3a4d4e7036b9cc3a6b0c3a6a28c99c5d9e96288c8bfb746c33d69e7439a481c6bdd44411ff39c41b"
      evmChainName: "ETH"
    }
  ) {
    id
    username
    email
  }
}

Example Output:

{
  "data": {
    "linkEvmWallet": {
      "id": "user_12345abcde",
      "username": "johndoe123",
      "email": "johndoe@example.com"
    }
  }
}

unlinkEvmWallet​

Unlink an EVM wallet from a user account.

mutation UnlinkEvmWallet($input: UnlinkEvmWalletInput!) {
  unlinkEvmWallet(input: $input) {
    id
    username
    email
    # other user fields
  }
}

Input:

input UnlinkEvmWalletInput {
  address: String!        // The EVM wallet address to unlink
  evmChainName: String!   // The name of the EVM chain (Ethereum, Polygon, etc.)
}

Returns:

  • UserModel: The updated user object after unlinking the EVM wallet

Example Input:

mutation {
  unlinkEvmWallet(
    input: {
      address: "0x71C7656EC7ab88b098defB751B7401B5f6d8976F"
      evmChainName: "ETH"
    }
  ) {
    id
    username
    email
  }
}

Example Output:

{
  "data": {
    "unlinkEvmWallet": {
      "id": "user_12345abcde",
      "username": "johndoe123",
      "email": "johndoe@example.com"
    }
  }
}

EVM Wallet Authentication Flow​

  1. Generate Authentication Message:

    • Call generateEvmWalletAuthMessage with the wallet address, chain name, and device fingerprint
    • Receive a unique message that needs to be signed

  2. Sign the Message:

    • Use the EVM wallet to sign the generated message (typically via Web3.js, ethers.js, or a wallet provider like MetaMask)
    • This proves ownership of the private key associated with the wallet address

  3. Authenticate:

    • Use the wallet address, signature, and chain name in an authentication endpoint
    • The API verifies the signature and authenticates the user

  4. Link or Unlink Wallet (Optional):

    • Use linkEvmWallet to connect a wallet to an existing account
    • Use unlinkEvmWallet to remove a wallet connection

Supported Networks​

EVM wallet authentication supports various Ethereum-compatible networks, including:

  • Ethereum Mainnet
  • Ethereum Testnets (Goerli, Sepolia, etc.)
  • Other EVM-compatible chains (Polygon, Binance Smart Chain, Avalanche, etc.)

Security Considerations​

  • The message to be signed follows the EIP-191 standard for Ethereum signed messages
  • The message includes a timestamp and nonce to prevent replay attacks
  • The API verifies that the wallet address recovered from the signature matches the provided address using ecrecover
  • Ensure that the signing process is done in a secure environment
  • The wallet linking process requires an already authenticated session
  • Device fingerprinting adds an additional layer of security
  • Chain-specific verification ensures the correct network is being used