Sign in with Safe App

[johannesmoormann]

Part 1: Define the problem

What problem are you trying to solve?

The collaboration with the SiWe team (SpruceID and https://login.xyz/) will allow Safes to delegate sign-in authority to other accounts (EOAs) for an easier sign in process without requiring the multisignature flow. This integration will go live in September and Safes need a way to manage the on-chain delegation registry. This includes an overview over current delegates and the option to add and remove addresses (delegates) from the registry.

Final piece for one of the solutions for #51

What is your hypothesis?

Allowing this authentication method via delegation will enable Safe users to participate in the full spectrum of the web3 world, where signing in via a signature is becoming more and more relevant, and therefore will increase the usage of the Safe for these applications. Having a Safe App that allows the management of these delegates is crucial to the adoption on the Safe side.

What value does this bring to our customer and/or our mission? What is the goal?

Allowing easy and gasless authentication was already determined to be highly important roadmap item. With the current approach, we outsourced most of the development to an already established standard, SiWe, that already has a strong market penetration with its core SDK (over 250 projects).

How do we measure it?

Delegates set
Integrations of the SignInWithSafe library

Links:

https://github.com/spruceid/siwe/tree/feat/delegate-history

Demo video

2022-06-30_14-27-54.mp4

Part 2: Shaping the problem

Problem Owner

Daniel Sa

Non Goal(s)

• Enable sign in with Safe using a method different from SpruceId and login.xyz
• Creating further logic to validate delegates from the registry on login.xyz

Solution

Solution 1

Overview
To solve this problem we will have to use the delegate approach. We will create a basic Safe App that will work as interface to manage the allowed delegates for a Safe, including selecting the allowed workspaces. This is something that it's already possible and we will reuse an existing delegates registry, so the Safe team should only handle delegates additions/removals and login.xyz will get the information from this registry.

Rough Scoping & Timeline
We plan to create a basic Safe App that will be able to handle the existing delegate registry allowing to add and remove delegates for the current Safe.
Our idea is to create it the more flexible we can, allowing not only to handle delegates for login with ethereum but all the other delegates that the Safe may have created, like Snapshot delegates.

Risk(s), Key Trade Offs & Decisions

No big risks detected,as we should just handle add/remove delegates and that's it.
Very likely that we will need some support from design team to make it more beautiful and intuitive, as we don't have designs yet.

It seems a very simple app, if we don't get any other external requirements shouldn't be complicated, but there are external dependencies that add more risk.

Concept Mocks

Alternative solutions & ideas

Open Questions