Logging into onchain applications often requires two distinct actions: connecting and authenticating. Connection is essential for all wallet-related actions, as it allows users to select the account(s) they wish to use for the session and returns these address(es) back to the app for subsequent requests. Authentication is necessary to verify that users actually control the account(s) they've connected, typically done by signing an ephemeral message through [Sign-In-With-Ethereum ("SIWE")](https://eips.ethereum.org/EIPS/eip-4361). ![Connect + Authenticate](https://hackmd.io/_uploads/S18WMAH-1x.png) We propose combining these two actions into a single step to streamline the process for both developers and users. To achieve this, we introduce a new `wallet_connect` RPC method. ```typescript type WalletConnectParams = [{ signInWithEthereum: { // typical SIWE parameters excluding account address (to be determined by user) } }] type WalletConnectResult = { signInWithEthereum: { account: Address signature: Hex } } ``` **Beyond reducing friction, we aim to explore additional enhancements for user login experiences.** Top of mind is to request more user information than just addresses. Similar to how some apps use OAuth to also request a name and profile picture, this could extend to use cases like checkout processes, where details such as a shipping address or email are useful for receipts and further communication. ![userInfo](https://hackmd.io/_uploads/BJmBZJ8byx.png) To support this, we propose an optional `userInfo` field that allows apps to request additional user details at the time of connection. ```typescript type WalletConnectParams = [{ signInWithEthereum: { // typical SIWE parameters excluding account address (to be determined by user) }, userInfo?: Record<UserInfoField, UserInfoFieldParams> }] type WalletConnectResult = { signInWithEthereum: { account: Address signature: Hex }, userInfo?: Record<UserInfoField, UserInfoFieldResult> } type UserInfoField = "name" | "image" | "email" // and more fields type UserInfoFieldParams = Record<string, any> & { required: boolean } type UserInfoFieldResult = Record<string, any> & { verified: boolean } ``` Wallets would handle the collection and secure storage of users' information, sharing it with apps only after users explicitly consent to the request. If the requested information isn’t already available, the wallet could prompt the user to provide it, delaying the response until the data is completed. ![userInfoMissing](https://hackmd.io/_uploads/BJgnZyIW1l.png) For some fields, data verifiability may be crucial. When possible, wallets should attest to the authenticity of this information and include proofs that apps can independently verify. Open protocols like [Farcaster](https://www.farcaster.xyz) could leverage this feature effectively. ```jsonld // sample response { "result": { "signInWithEthereum": { "account": "0x...", "signature": "0x..." }, "userInfo": { "farcaster": { "verified": true, "relay": "https://relay.farcaster.xyz", "fid": 1, "username": "alice", "bio": "I'm a little teapot who didn't fill out my bio", "displayName": "Alice Teapot", "pfpUrl": "https://images.example.com/profile.png" } } } } ``` This approach offers significant benefits across the ecosystem: apps can easily access and cryptographically verify user data, social protocols gain natural onboarding entry points for new users, and wallets enhance their data richness and utility for users. ![userInfoFarcaster](https://hackmd.io/_uploads/SkgYag8ZJx.png) With a unified verification flow, users can save and carry their social information across any on-chain app, removing the need for apps to collect this data manually or integrate with external providers. Standardizing interfaces like `userInfo` provides these capabilities with minimal complexity for both developers and users. Over time, `wallet_connect` could expand further, potentially evolving into a strong alternative to OAuth.