Skip to content

v0.0.8 — ERC-8128 HTTP Message Signatures

Choose a tag to compare

View all tags
@limone-eth limone-eth released this 09 Feb 18:20
· 212 commits to main since this release
v0.0.8
dd60360
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

Replace JWT authentication with ERC-8128 HTTP Message Signatures and stateless HMAC receipts for a more secure, stateless auth model.

New SDK Modules

  • @buildersgarden/siwa/receiptcreateReceipt() / verifyReceipt() for stateless HMAC-signed verification receipts
  • @buildersgarden/siwa/erc8128signAuthenticatedRequest() / verifyAuthenticatedRequest() for per-request HTTP Message Signatures, plus expressToFetchRequest() adapter

Other Changes

  • Added signRawMessage() to keystore (raw bytes signing without EIP-191 prefix)
  • Keyring proxy /sign-message now accepts raw: true for ERC-8128
  • Removed jsonwebtoken dependency from testing and website packages
  • Updated all docs (SKILL.md, CLAUDE.md, siwa-spec.md) for the new auth model
  • Added test-erc8128 CLI command (8 integration tests)

Full Changelog: v0.0.7...v0.0.8

Assets 2
Loading