Case Study - Wallet-based auth that actually works in production

Overview

Authentication has been stuck in the same pattern for years: centralized services, identity providers that collect way more data than they need, and the constant risk of breaches and vendor lock-in.

Sign-in-with-Tezos (SIWT) takes a different approach. It's a decentralized, wallet-based auth standard - users prove they own an address, accept policies, and get access. No personal data exposed. That's it.

We originally built it for StakeNow.fi, but SIWT outgrew that pretty fast. It won hackathons, got grants, and turned into a community-driven open-source standard that's now used across the ecosystem.

The vision

The idea behind SIWT is straightforward - but it changes everything: authentication should be decentralized, user-controlled, and private by default.

Wallets, cryptographic signatures, verifiable credentials - SIWT uses all of these to put identity control back in users' hands. Organizations still get the compliance and security they need.

Sign-in stops being a data grab and becomes a trustless verification flow.

How it works

Here's what SIWT actually does under the hood:

• Standardized message signing - prove ownership of an address with a cryptographic signature.
• Policy agreement - users can sign terms & conditions or licenses as part of login.
• Access control - applications can define what rights are required (e.g., token ownership, credential possession).
• Extensibility - integrations with Discord, Discourse, and frameworks like Passport.js or NextAuth.

One lightweight SDK. Less dependence on centralized identity providers. That's the pitch - and it delivers.

Adoption and ecosystem

SIWT has been integrated across the Tezos ecosystem and beyond:

• StakeNow.fi - initial pilot.
• The Stack Report - token-gated access to research.
• DIY Frame - NFT art display platform.
• Tezos Community - implemented by core dev team Marigold.
• Gaming projects - including Trooperz and Teztopia.

We've showcased it at TezDev and Encode hackathons, and it keeps evolving through community contributions.

Outcomes

SIWT is proof that open standards actually scale:

• Developers gain a drop-in authentication method that is secure, auditable, and intuitive.
• Users keep control of their identity, revealing only what’s needed.
• Ecosystems adopt a shared login method, reducing fragmentation.

Looking ahead

What's next for SIWT:

• Extending verifiable credentials support (Altme, W3C DID Core).
• Finalizing TZIP standards for chain-agnostic sign-in flows.
• Deeper integrations with OpenID Connect and mainstream frameworks.
• Expanding adoption across industries like mobility, healthcare, and finance.

The goal is big but simple: make SIWT the go-to auth method for the decentralized web.