Sign in with Ethereum - WordPress Plugin

An official WordPress Plugin. Yes “login with your Ethereum wallet” I came across the only such plugin at WP about a year. THEN I came across SIWE (Sign In With Ethereum) What a great project which to my understanding is already working with ENS. I absolutely love that people can use their eth web identities on web2 content management systems like that of the most popular open source CMS WordPress If you just google the stats for the number of web sites that use Wordpress, and Woocommerce I think everyone would agree that [Sign in with Ethereum] it’s a super easy way to onboard people. Most of you here have signed into a dapp or web page using SIWE. It’s performing now, so why not? With a couple of clicks, a plugin opens up millions of web site and users to the world of blockchain. Web3 in not going to come all at once and I don’t think it should. If I knew how to code I would be working on a SIWE plugin right now. I will help in any way I can to make this happen. I can still remember how awesome it felt to have my first site talking to Ethereum. I even had a bounty to import “blockies” as a fall back from the avatars. The possibilities are endless. Thanks for your consideration. James-Matthew I can send anyone who wants to try the current “ethpress” login a link to try it on my test site.

6 Likes

100% I love the idea of signing in with Ethereum for everything and trust it for being the future of authentication. Dumb question, but is this on chain or off chain? Does signing in with Ethereum mean that I have to pay gas every time?

2 Likes

Nope. That’s just signing with your address so no gas fees are required. That’s why this is an awesome idea.

3 Likes

I’ve been working on a WordPress plugin based on Sign-In With Ethereum using RainbowKit. Would love your feedback on it! Welcome to the demo site for Sign-In With Ethereum for WordPress using RainbowKit - WP Rainbow

3 Likes

I think this is a great idea… anyway to open the footprint of SIWE I think is awesome. The only thing for me is going to a website with SIWE and do I actually ‘trust’ this website? Connecting my wallet I’m always a bit nervous about. If you can get around this I think it will be amazing

2 Likes

Agreed, this is definitely a hurdle to mass adoption. The SIWE signature message being human-readable is a big advantage here, compared to using an encoded string that’s not decipherable to users (like OpenSea). With SIWE it’s clear what the user is signing, and unlikely that SIWE signature could be used maliciously on other websites or for a replay attack due to the specific nature of message contents, like the nonce, URI, domain, and statement.

The weakest chain in the link is browsers/wallets – with XSS vulnerabilities it could be possible for a malicious website to force a transaction after initial connection, but that’s a risk with web3-enabled applications generally and not specific to SIWE.

1 Like

This is a great kind of bridge for web2 to web3. Very neat idea. Thanks for sharing it. :rocket:

3 Likes

The WordPress plugin I’ve been working on is now available through WordPress.org. Please give it a try and share feedback/reviews. Thank you!

2 Likes

Hi davisshaver, I just reached out to you via email. I’ve been thinking about this a lot more often these days and started playing with your plugin for wordpress. So simple and slick, but wondering if there’s siome more data we can pull from ENS records as part of the sign-up process eg email, description, avatar and others? AND we could create a couple of specific TEXT records such as Firstname and Lastname which can align with Wordpress users?

Would be great to collaborate on this if possible.

Cheers
James

2 Likes

Adding here -

Let me know where I can be helpful in adding some of this to the community highlights in the documentation

1 Like

Thanks @rocco - I reached out to @davisshaver and he sent through his github page: https://github.com/davisshaver/wp-rainbow unfortunately he’s not actively working on the plugin

I’ve added a comment to https://github.com/davisshaver/wp-rainbow/issues/11 about looking at utilising TEXT records to add additional mapping of Wordpress Profile data from ENS eg com.wordpress.firstname, com.wordpress.lastname etc. Unfortunately I’m not a programmer and really have no idea how to extend the great work Davis has done so far…

4 Likes

Thanks for the interest James! I am hoping to resume work on the plugin later this year. There is a way that another developer could extend the plugin using WordPress “action” hooks, so if anyone wants to work on this, please let me know and I’d be glad to advise on the best way to proceed.

For the official plugin integration, it will be relatively straightforward to connect the ENS text records to WordPress fields. We already do something similar with the WordPress display name, which we update on login if the ENS name has changed for the address.

More complicated will be the plugin configuration settings. Here are some questions, interested in your and others’ thoughts:

  • Should site administrators be able to select which fields are synced?
  • Should custom mappings between fields be supported or will all sites use the same mapping?
  • Should fields be updated on every sign in or just when the account is created?
1 Like

Awesome, thanks Davis. If there are any developers that wish to get things moving I’m more than willing to help from my side. I’m a technical analyst (not a developer!), so can help resolve all these questions and write documentation!

Reach out if anyone wants to collaborate!

1 Like

Just want to make a note here that this is also work that can be subject to retroactive rewards from the SIWE community server group!

3 Likes

First pass of ENS text records to WordPress user meta is out! Check out v0.2.17 on WordPress.org.

Thanks to @jamesmcardle.eth for suggesting the feature initially.

Right now the fields are updated on every sign-in and admins can select which text records to sync & to which WordPress user meta fields.

In addition to custom user meta fields, the “user_url” and “user_email” core user fields in WordPress are handled, allowing users to map the ‘url’ and ‘email’ ENS text records respectively.

Please let me know feedback or other ideas here or on Github! https://github.com/davisshaver/wp-rainbow/issues/11

Is there a test site that’s using this plugin so folks can try it out?

I really like the solution you’ve deployed where anyone can map anything from ENS to Wordpress… this is really flexible. For example Rainbow Wallet are using their own TEXT records eg:

me.rainbow.displayName
header
etc…

When I get a chance I’ll test it and let you know the outcome. I have my own test site but I haven’t had a chance to test the new version yet… life is getting in the way!!

2 Likes

Absolutely! You can log in here to test this out: Log In ‹ WP Rainbow — WordPress

Here’s what the settings look like.

3 Likes