Skip to main content

Authentication

WEFA supports dual-mode authentication: passkey (WebAuthn) and Ethereum wallet connection.

Auth Modes

Passkey (Primary)

WebAuthn-based sign-in that is fast, phishing-resistant, and doesn't require a wallet extension.

Uses Pimlico for smart account infrastructure (bundler/paymaster)
Registration creates a WebAuthn credential
Login verifies the credential
Smart account address is derived from the passkey

Wallet (Secondary)

Standard EVM wallet connection via Reown AppKit.

Connects any EVM-compatible wallet
Chain targets: Base (8453) and Base Sepolia (84532)
AA "thin wallet" flow planned for future

Session Restoration

Auth sessions persist across refreshes and offline via localStorage:

Key	Value
`wefa_auth_mode`	`'passkey'` or `'wallet'`
`wefa_username`	Display name
`wefa_credential`	WebAuthn credential data
`wefa_rp_id`	Relying Party ID

On app load, the auth machine attempts session restoration before falling back to the login screen.

Auth Machine

Route Guards

RequireAuth - Redirects to / (Login) if unauthenticated
RequireOnboarding - Redirects to /onboard if player.onboardingComplete is false

Key Files

src/machines/authMachine.ts - Auth state machine
src/providers/AuthProvider.tsx - Auth context provider
src/modules/auth/passkey.ts - Passkey registration and login
src/providers/AppKitProvider.tsx - Reown AppKit configuration
src/routes/guards.tsx - Route guard components
src/views/Login.tsx - Login view

Auth Modes
- Passkey (Primary)
- Wallet (Secondary)
Session Restoration
Auth Machine
Route Guards
Key Files