zkLogin makes engaging with dApps built on Sui as simple as signing in with familiar web credentials, like those used for Google and Facebook.
With zkLogin, application developers can choose to use invisible wallets, where interacting with the chain is fully abstracted from the user, or simply offer an easier way for users to access their on-chain assets.
zkLogin can be implemented alongside existing account types, such as mnemonic and hardware wallets, giving novices and experts the option that works best for their needs.
zkLogin generates user accounts using familiar OAuth credentials. The user is prompted to log in with their web credentials. This information is used to generate a JSON Web Token (JWT), which is then combined with random data (called a salt) and passed to a service that generates a zero-knowledge proof (ZKP). The ZKP proves that the user is the rightful account owner without sharing the credentials themselves on-chain. After an account is generated, future transactions can be signed with the user’s OAuth credential.
To ensure that all builders can use zkLogin with a strong security guarantee, a public ceremony was held to generate an artifact called the Common Reference String (CRS).
The ceremony was conducted with over 100 participants, including well-known academics and business leaders from institutions around the world, as well as validators on Sui.