# Sign-In-With-Solana

LoopDesk uses wallet-only auth. Connecting and signing a nonce **is** the login.

## Flow

```
1. User clicks "Connect wallet" → /auth
2. User picks Phantom / Solflare
3. Client requests nonce: getSiwsNonce()
4. Wallet signs canonical SIWS message
5. Client posts signature: verifySiwsAndSignIn()
6. Server verifies with tweetnacl + pubkey
7. Server mints Supabase session for deterministic wallet user
8. Client calls supabase.auth.setSession(tokens) → /dashboard
```

## SIWS message format

```
loopdesk.com wants you to sign in with your Solana account:
<walletAddress>

Sign in to LoopDesk.

URI: https://human-in-the-loop.cc
Version: 1
Chain ID: solana:mainnet
Nonce: <nonce>
Issued At: <iso8601>
```

## Replay protection

* Nonces are single-use (deleted on verify)
* 5-minute TTL
* Bound to a wallet address on issue
* Stored in `public.siws_nonces` with RLS enabled and no policies (service-role only)
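
The replay checks above, as an added TypeScript example (not LoopDesk's own code). `buildSiwsMessage`, `issueNonce` and `checkNonce` are hypothetical names, and an in-memory record stands in for `public.siws_nonces`. The Ed25519 signature check from step 6 of the flow is left out and must still pass after `checkNonce` returns `"ok"`.

```typescript
// Added example. The Record stands in for public.siws_nonces (assumption).
type NonceRow = { wallet: string; expiresAt: number };
type Verdict = "ok" | "bad_message" | "unknown_nonce" | "expired" | "wallet_mismatch";
const TTL_MS = 5 * 60 * 1000; // the page's 5-minute TTL

// Rebuilds the canonical message from the "SIWS message format" section.
function buildSiwsMessage(wallet: string, nonce: string, issuedAt: string): string {
  return [
    "loopdesk.com wants you to sign in with your Solana account:",
    wallet,
    "",
    "Sign in to LoopDesk.",
    "",
    "URI: https://human-in-the-loop.cc",
    "Version: 1",
    "Chain ID: solana:mainnet",
    "Nonce: " + nonce,
    "Issued At: " + issuedAt,
  ].join("\n");
}

// Binds the nonce to the wallet at issue time. The caller must supply a
// CSPRNG-generated nonce; generation is left out to keep this import-free.
function issueNonce(store: Record<string, NonceRow>, wallet: string, nonce: string, now: number): void {
  store[nonce] = { wallet: wallet, expiresAt: now + TTL_MS };
}

// Runs before the signature check. Only "ok" lets the login proceed.
function checkNonce(store: Record<string, NonceRow>, wallet: string, signed: string, now: number): Verdict {
  const n = /^Nonce: (.+)$/m.exec(signed);
  const t = /^Issued At: (.+)$/m.exec(signed);
  const nonce = n ? n[1] : undefined;
  const issuedAt = t ? t[1] : undefined;
  if (!nonce || !issuedAt) return "bad_message";
  // Own-property lookup so a nonce like "constructor" cannot hit the prototype.
  const row = Object.prototype.hasOwnProperty.call(store, nonce) ? store[nonce] : undefined;
  if (!row) return "unknown_nonce"; // never issued, or already used
  delete store[nonce]; // single-use; burning on a failed attempt too is an assumption
  if (now > row.expiresAt) return "expired";
  if (row.wallet !== wallet) return "wallet_mismatch";
  // Compare against a server-side rebuild so no client-chosen field survives.
  return signed === buildSiwsMessage(wallet, nonce, issuedAt) ? "ok" : "bad_message";
}
```
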

## Deterministic user mapping

Each wallet maps to a stable Supabase user:

* Email: `<walletAddress>@wallet.loopdesk.local`
* Display name: `Wallet <first4>...<last4>` (set by `handle_new_user` trigger)
* Wallet ↔ user mapping in `public.wallet_links`

## Source files

* `src/lib/hitl/siws.functions.ts` — nonce + verify server functions
* `src/routes/auth.tsx` — wallet sign-in UI
* `src/components/SolanaProvider.tsx` — wallet adapter context
* `src/components/ClientOnly.tsx` — SSR-safe wrapper

