Key Features
Leverage the security and convenience of blockchain for authentication
No Passwords
Users sign in with their Evrmore wallet instead of creating and remembering passwords.
Cryptographic Security
Authentication based on blockchain cryptography provides military-grade security.
Easy Integration
Simple JavaScript library makes integration with any web application straightforward.
User Management
Built-in user creation and management with extensible user profiles.
JWT Tokens
Secure, stateless JWT tokens for authenticated sessions with automatic expiry.
Modern UI
Clean, modern user interface with responsive design for all devices.
How It Works
Evrmore Accounts uses challenge-based authentication with blockchain signatures
Challenge Generation
When a user initiates sign-in, the server generates a unique challenge including the user's Evrmore address, a timestamp, and a random nonce.
// Server generates a challenge
Challenge: "Sign this message to authenticate with Evrmore: EViF16aYCetDH56MyKCcxfyeZ3F7Ao7ZBc:1741810666:3fa805f556befabe"
Message Signing
The user signs the challenge message with their Evrmore wallet, which creates a cryptographic signature that proves ownership of the wallet address.
// User signs the challenge with their wallet
evrmore-cli signmessage "EViF16aYCetDH56MyKCcxfyeZ3F7Ao7ZBc" "Sign this message to authenticate with Evrmore: EViF16aYCetDH56MyKCcxfyeZ3F7Ao7ZBc:1741810666:3fa805f556befabe"
Signature Verification
The server verifies the signature using Evrmore's cryptographic functions to confirm it was signed by the owner of the address.
// Server verifies the signature
const isValid = verifyMessage(evrmoreAddress, challengeText, signature);
if (isValid) {
// Authentication successful
}
Session Creation
Upon successful verification, the server creates a JWT token for the authenticated session and returns it to the client.
// Server creates and returns a JWT token
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"expires_at": "2025-03-19T16:27:46.900042",
"user": {
"id": "60e0df21-820b-4771-ad5b-ca621bfe7e31",
"evrmore_address": "EViF16aYCetDH56MyKCcxfyeZ3F7Ao7ZBc"
}
}
Authenticated Requests
The client stores the JWT token and includes it in the Authorization header for subsequent API requests to authenticate the user.
// Client includes the token in API requests
fetch('/api/secure-endpoint', {
headers: {
'Authorization': `Bearer ${token}`
}
});