Overview
GenLayer Points uses Web3 authentication via MetaMask wallet. Your Ethereum wallet address serves as your unique identifier in the system.
What You Need
MetaMask Required: You must have MetaMask or a compatible Web3 wallet installed in your browser.
- MetaMask browser extension
- An Ethereum wallet address
- Connection to any Ethereum-compatible network
Authentication Process
Click Connect Wallet
Locate the “Connect Wallet” button in the top-right corner of the navigation bar.
Authorize Connection
MetaMask will prompt you to:
- Select which account(s) to connect
- Approve the connection request
Sign the Message
You’ll be asked to sign a message to prove wallet ownership. This message:
- Contains a unique nonce (expires in 5 minutes)
- Includes the domain and timestamp
- Does not cost gas - it’s a free signature
- Never shares your private key
Sign-In With Ethereum (SIWE)
The authentication uses the SIWE standard (EIP-4361), which provides:
- Secure authentication without passwords
- Wallet-based identity - your address is your login
- Tamper-proof signatures verified on the backend
- Session management via secure cookies
Sample SIWE Message
Authentication Flow Details
Backend Verification
- Frontend requests a nonce from /api/auth/nonce/
- User signs the SIWE message with their wallet
- Signed message is sent to /api/auth/login/
- Backend verifies:
  - Signature matches the Ethereum address
  - Nonce is valid and not expired
  - Nonce hasn’t been used before
- Session cookie is created on success
Session Management
Your session automatically refreshes every 5 minutes to keep you logged in.
- Sessions use secure HTTP-only cookies
- Session data stored server-side
- Frontend never sees raw session tokens
- Automatic logout on wallet disconnect
Wallet Account Switching
When you switch accounts:
- System detects the account change
- Current session is invalidated
- You’re prompted to sign in with the new account
- New session is created for the new address
Network Changes
This ensures:
- Consistent application state
- Proper network configuration
- No stale data from previous network
Troubleshooting
“MetaMask is not installed”
Solution: Install the MetaMask browser extension
“Connection rejected”
Solution: Click “Connect Wallet” again and approve the connection request in MetaMask
“Signature verification failed”
Possible causes:
- Wrong account selected in MetaMask
- Signature was cancelled
- Network connectivity issues
“Authentication expired, please try again”
Cause: The nonce expired (5 minute limit)
Solution: Click “Connect Wallet” to get a fresh nonce
Session Not Persisting
Possible causes:
- Browser blocking third-party cookies
- Incognito/private browsing mode
- Browser extensions blocking cookies
- Allow cookies for the Points domain
- Use regular browsing mode
- Check browser extension settings
Security Features
What’s Protected
- Nonce Expiration: Each nonce expires after 5 minutes
- One-time Use: Nonces can only be used once
- Signature Verification: Backend verifies all signatures cryptographically
- Session Cookies: HTTP-only, Secure flag enabled in production
- Address Validation: All addresses normalized to lowercase
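The nonce and signature checks listed under Backend Verification and What’s Protected, as an added example (not GenLayer’s backend code). NonceStore, verify_login and the recover_signer callable are assumed names; signature recovery is delegated to an Ethereum signing library, and the domain comparison is an extra EIP-4361 check that the lists above do not mention.

```python
import secrets
import time

NONCE_TTL_SECONDS = 5 * 60  # the page states nonces expire after 5 minutes


class NonceStore:
    """In-memory nonce registry (assumption: a real backend uses a shared store)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._issued = {}  # nonce -> expiry timestamp

    def issue(self):
        """Create an unguessable nonce and record when it expires."""
        nonce = secrets.token_hex(16)
        self._issued[nonce] = self._clock() + NONCE_TTL_SECONDS
        return nonce

    def consume(self, nonce):
        """Remove the nonce and report whether it was known and unexpired.

        pop() removes it on the first attempt, so a replayed login
        carrying the same nonce is rejected even if the first one failed.
        """
        expiry = self._issued.pop(nonce, None)
        return expiry is not None and self._clock() <= expiry


def verify_login(store, expected_domain, fields, signature, recover_signer):
    """Return the normalized address on success, or raise ValueError.

    fields: dict parsed from the SIWE message (domain, address, nonce).
    recover_signer: callable(fields, signature) -> address. Assumed to be
    provided by an Ethereum signing library; it is not implemented here.
    """
    if not store.consume(fields["nonce"]):
        raise ValueError("nonce unknown, expired or already used")
    if fields["domain"] != expected_domain:
        raise ValueError("message was signed for a different domain")
    claimed = fields["address"].lower()  # addresses normalized to lowercase
    if recover_signer(fields, signature).lower() != claimed:
        raise ValueError("signature does not match claimed address")
    return claimed
```

Consuming the nonce before any other check means a failed attempt also burns it, which matches the troubleshooting advice to request a fresh nonce and retry.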
What’s NOT Shared
Your private keys never leave your wallet. The signature process is handled entirely by MetaMask.
- Private keys
- Seed phrases
- Transaction signing capability
- Wallet permissions beyond address visibility
Multiple Devices
You can be logged in on multiple devices simultaneously. Each device maintains its own session.
- Each browser/device has independent sessions
- Logging out on one device doesn’t affect others
- Session refresh is per-device
Manual Logout
Next Steps
Create Your Profile
Set up your display name and node version after connecting
Submit Contributions
Start tracking your contributions to GenLayer