{"id":20974159,"url":"https://github.com/thirdweb-example/ethlogin","last_synced_at":"2025-05-14T12:31:03.131Z","repository":{"id":181805040,"uuid":"667284830","full_name":"thirdweb-example/ethlogin","owner":"thirdweb-example","description":"A ERC-4337 experiment","archived":false,"fork":false,"pushed_at":"2024-11-18T23:40:54.000Z","size":1629,"stargazers_count":28,"open_issues_count":1,"forks_count":16,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-02T18:22:02.901Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://unilogin.thirdweb-preview.com","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/thirdweb-example.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-07-17T06:56:40.000Z","updated_at":"2025-02-28T17:45:26.000Z","dependencies_parsed_at":"2024-11-19T00:34:42.477Z","dependency_job_id":"77dd2125-5175-409f-af2b-065eb2d4ea93","html_url":"https://github.com/thirdweb-example/ethlogin","commit_stats":null,"previous_names":["thirdweb-example/unilogin","thirdweb-example/ethlogin"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thirdweb-example%2Fethlogin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thirdweb-example%2Fethlogin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thirdweb-example%2Fethlogin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thirdweb-example%2Fethlogin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/thirdweb-example","download_url":"https://codeload.github.com/thirdweb-example/ethlogin/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254142217,"owners_count":22021481,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-19T04:26:52.807Z","updated_at":"2025-05-14T12:31:02.081Z","avatar_url":"https://github.com/thirdweb-example.png","language":"TypeScript","readme":"# Decentralized Ethereum Login System\n\nThis is a ERC-4337 experiment that shows how to connect to a smart account using only a username and password, fully onchain, with no centralized infrastructure.\n\nOnly requires:\n\n- RPC provider of your choice\n- Bundler/paymaster provider of your choice\n- IPFS gateway of your choice (this could be replaced with pure onchain storage)\n\nAnyone can build a frontend for this, and users can connect from any device, on any domain. No walled gardens or centralized infrastructure.\n\nSolves most of the UX issues:\n\n- Accessible from any platform - web, native apps, games, etc\n- No domain restrictions, can be used on any domain\n- Syncs to any device, all data lives onchain and on IPFS and cannot be censored\n- No pop up or mobile app redirects, all signatures happen under the hood\n- Every account comes with a username, no need to remember another long address\n\n## Live Demo\n\nTry it out at [https://ethlogin.thirdweb-preview.com/](https://ethlogin.thirdweb-preview.com/)\n\n## How it works\n\n- Account factory smart contract acts as a registry for usernames (lookup username -\u003e get account address)\n- Private keys are generated client side, encrypted and stored on IPFS\n- Account contract stores the IPFS hash of the encrypted private key + metadata like the username\n\n![How it works](./docs/how-it-works.jpeg)\n\n## What about recovery?\n\nThis demo is a simplified version of what could be achieved. Next steps would be:\n\n- Use EIP-7579 modular accounts\n- Add a recovery module to the account by default\n\nA good recovery module option would be a [zk-email account recovery module](https://github.com/zkemail/email-recovery?tab=readme-ov-file#universalemailrecoverymodulesol), letting you \"reset\" the smart account admin to a new EOA, and update the IPFS data attached to the account.\n\n## What about security?\n\nReminder, this is a demo, don't use it as is in production!\n\nTo make this account safe to use, one idea would be to encode policies in the account (via a 7579 module) which would effectively add a 2FA layer to the account on certain conditions.\n\nSome ideas:\n\n- enforce having a secondary signer available once account balances are above a threshold\n- enforce a maximum spend limit when only one signer is available\n- enforce 2 or more signatures (one could be a zkemail proof) for high value transactions and approvals\n\nThis would allow you to make the account quite safe, while still keeping the UX benefits of no pop up or mobile app redirects when executing low value transactions.\n\n## What about multi chain?\n\nThis demo is on a single chain, but it could be extended to multiple chains by moving the username registry from the account factory to a keystore rollup.\n\nInstead of storing the account metadata on the account contract, it would be stored in the keystore rollup. Apps could look up the username in the keystore, get the data and decrypt the private key to connect to the smart account on any chain.\n\nImportant to keep the factory addresses deterministic so the addresses are identical on every chain.\n\nUsernames could also come from the ENS registry on namechain, instead of living in the same registry as the keys.\n\n## Run the app locally\n\nThis app uses thirdweb default RPC, bundler and IPFS services. Get a client id from [thirdweb](https://thirdweb.com/) and set it in a `.env.local` file.\n\n```bash\nNEXT_PUBLIC_THIRDWEB_CLIENT_ID=your-client-id\n```\n\nYou can also configure the SDK to use your own RPC, bundler and/or IPFS gateway.\n\nRun the app:\n\n```bash\npnpm dev\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthirdweb-example%2Fethlogin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthirdweb-example%2Fethlogin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthirdweb-example%2Fethlogin/lists"}