A Sui zkLogin end-to-end implementation.
It shows how to use Google/Twitch/Facebook to create a Sui zkLogin address and send a transaction.
The code is meant to be as simple as possible to demonstrate how to put all the pieces together.
The app is live here: https://zklogin-demo.polymedia.app
Official docs: https://docs.sui.io/concepts/cryptography/zklogin
You'll need to create a developer account on Google/Twitch/Facebook. Then, create an "app" from which you can obtain the Client ID to populate your web/src/config.json
.
Developer consoles: Google, Twitch, Facebook.
Docs: https://docs.sui.io/concepts/cryptography/zklogin#configure-a-developer-account-with-openid-provider
This is a simple React app. The code is meant to be a tutorial for how to implement Sui zkLogin, and there are comments that explain the different steps.
All the relevant code is in web/src/App.tsx
Create and modify config.json
:
cp web/src/config.example.json web/src/config.json
Run the app locally:
cd web/
pnpm install
pnpm dev
Keep your browser console open so you can see debug and error messages.
This app uses the devnet prover that's maintained by Mysten Labs.
Alternatively, you can run your own prover: https://docs.sui.io/concepts/cryptography/zklogin#run-the-proving-service-in-your-backend
This app uses a hard-coded value for the salt so it works out of the box without any further setup.
In production you have a few alternatives:
-
You can use the salt service that's maintained by Mysten Labs (you'll have to contact them to get whitelisted).
-
You can ask the user to provide the salt, who must then remember it as if it were a password.
-
You can run your own salt service to return a unique salt for each user.
https://docs.sui.io/concepts/cryptography/zklogin#user-salt-management
Official Docs
https://docs.sui.io/concepts/cryptography/zklogin
Google OAuth 2.0 for Client-side Web Applications
https://developers.google.com/identity/protocols/oauth2/javascript-implicit-flow
A Complete Guide to zkLogin: How it Works and How to Integrate | Joy Wang
https://www.youtube.com/watch?v=Jk4mq5IOUYc
zkLogin Best Practices and Business Considerations for Builders
https://blog.sui.io/zklogin-best-practices-considerations/
zkLogin Demystified: Exploring Sui's Cutting-Edge Authentication
https://blog.sui.io/zklogin-deep-dive/
Set Up a Proving Service for zkLogin
https://blog.sui.io/proving-service-zklogin/
zkLogin Audit
https://github.com/sui-foundation/security-audits/blob/main/docs/zksecurity_zklogin-circuits.pdf