Implement or review Web2 wallet-based auth (SIWE/EIP-712) with nonce+expiry+anti-replay, ERC-1271 support, rate limiting, and safe logging. Use when touching login/session/authz endpoints or any signature verification off-chain.
Installation
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Implement or review Web2 wallet-based auth (SIWE/EIP-712) with nonce+expiry+anti-replay, ERC-1271 support, rate limiting, and safe logging. Use when touching login/session/authz endpoints or any signature verification off-chain.
Web2 Wallet Auth (SIWE/EIP-712 + ERC-1271)
When to use
Any change to: login routes, session issuance, signature verification, nonce storage, auth middleware, or endpoints that accept wallet identities.
Any addition of privileged Web2 roles (admin/ops/keeper) or routes that accept IDs from the client.
Goal (Definition of Done)
✅ Login is replay-safe (nonce + expiry + one-time use).
✅ Verification supports both:
EOA signatures (ECDSA)
Smart wallets (ERC-1271 via eth_call isValidSignature)
✅ Domain + chainId are validated.
✅ AuthZ prevents IDOR (deny by default; ownership checks).