Integrating blockchain-based authentication is one of the first steps any developer wanting to transition from Web2 to Web3 must take. While this might sound like a complex task, it’s actually relatively straightforward when using the proper tools. That’s where Moralis’ Web3 Auth API enters the picture. Want to know if this API is for you?
- ✅ Are you building a new blockchain app?
- ✅ Do you want to connect your existing Web2 user database using blockchain-based authentication?
- ✅ Want to use authentication aggregators such as Auth0 for your business or enterprise’s authentication flows?
If you’re reading this article, odds are your answer is “yes” to the above! Now, before we move on further and explore how to integrate blockchain-based authentication, let’s go over some basics.
Aside from covering the basics, we’ll look at the leading blockchain authentication alternatives. Some of these are especially useful for onboarding new users that have no experience with crypto. Furthermore, we will use today’s article to show you how to integrate the best blockchain-based authentication system brought to you by Moralis. With Moralis’ Web3 Auth API, you can easily implement all sorts of Web3 authentication methods. Of course, if you want to join us for that part, you’ll need to create your free Moralis account. But, as mentioned, let’s first make sure you all know the basics of blockchain and blockchain-based authentication.
What is Blockchain?
Looking at the above image, you can see one of the most on-point definitions of blockchain. At its core, every blockchain is a decentralized digital ledger or a database. However, to understand why it’s called “blockchain,” we must dig a little deeper!
When transactions are validated by blockchain nodes, either via a proof-of-stake (PoS) or a proof-of-work (PoW) consensus mechanism, they get added to an array of transactions known as blocks. These blocks of transactions are then linked linearly so that each block contains the encrypted data linked to its predecessor. Hence, the name blockchain. The only exceptions are the so-called “genesis blocks”. After all, a genesis block is the first block of any blockchain, so it doesn’t have any predecessors.
It’s important to note that full nodes contain the entire current copy of the blockchain. Also, there is no centralized authority when it comes to blockchain networks. However, the level of decentralization obviously depends on the number of nodes and their distribution. Furthermore, it’s worth pointing out that Bitcoin was the first blockchain and continues to be the most popular chain to this day. However, it was the birth of the second blockchain, Ethereum, when things went to a whole new level. Ethereum introduced smart contracts and, in turn, the concept of a programmable blockchain. This was also the foundation needed for devs to start creating dapps (decentralized applications). Nowadays, we have many reputable blockchains, and most of them rely on EVM (Ethereum Virtual Machine). Moreover, they are referred to as EVM-compatible chains.
Note: With Moralis’ blockchain-based authentication system you get to target Ethereum, Solana, and all the leading EVM-compatible chains.
Is Blockchain Technology Secure?
Blockchain technology is one of the most secure techs out there. Of course, that doesn’t mean finding some vulnerabilities is impossible. However, when designed properly, it is extremely secure and, at the same time, transparent. Of course, it’s important to point out that not all blockchains are equal, and their level of security may vary. Moreover, the chains mentioned so far are so-called public blockchains. On the other hand, there are also private blockchains, which generally offer an even higher level of security. As such, many companies focus on using private blockchains.
The security of any particular blockchain depends on its design and consensus mechanism. If a design has no flaws and the distribution of nodes is properly decentralized, then the security level should be quite high. For instance, Bitcoin continues to show an exceptionally high level of security. On the other hand, certain programmable chains have already been hacked, some more than once.
Furthermore, we can’t talk about blockchain security without mentioning the “blockchain trilemma”. Currently, it is still not possible to achieve the highest levels of decentralization, scalability, and security at the same time. Thus, projects normally decide to sacrifice one aspect slightly to boost the other two. However, innovative ideas such as sharding, sidechains, and state channels are being explored and tested to address the trilemma.
There’s a lot more we could tell you about blockchain and its security. However, the above information is more than enough, especially since the goal of this article isn’t necessarily to teach you about blockchain but to show you how to integrate blockchain-based authentication. But, if you want to learn more about blockchain and Bitcoin, enroll in the “Blockchain & Bitcoin Fundamentals” course at Moralis Academy!
What is Blockchain Authentication?
Blockchain authentication, also known as Web3 authentication, is the process of users connecting with any particular blockchain network. Essentially, a proper blockchain-based authentication system enables developers to allow users to connect their Web3 wallets to dapps. Blockchain authentication may sometimes include other login alternatives, such as email, that create a new wallet address and use that address to connect to the dapp at hand. This method is particularly useful if users know very little about Web3 and don’t have their own Web3 wallets. However, using MetaMask (the leading Web3 wallet) is still the most popular Web3 authentication method, especially for web dapps. On the other hand, WalletConnect tends to serve the best mobile dapp users.
Looking at the image above, you can see a typical Web3 authentication button. The same button even enables users to select among different chains. We’ll show you how to integrate blockchain-based authentication of that sort in the upcoming sections. Furthermore, we will do so effortlessly with Moralis’ Auth API, which enables you to cover the functionality of such a “Connect Wallet” button with a single line of code. Moreover, you get to work with any of your favorite legacy dev tools. Below we’ll focus on using NextJS, but you can use other frameworks, platforms, and programming languages. Nonetheless, if you are interested in learning exactly how the Moralis Auth API works, make sure to check out the Moralis docs!
Blockchain Authentication Alternatives
When talking about blockchain authentication alternatives, we essentially refer to MetaMask alternatives. Above, we already mentioned WalletConnect. However, when you decide to integrate blockchain-based authentication with Moralis, you have some other neat options:
The Moralis blockchain-based authentication system also supports RainbowKit and Coinbase Wallet authentication methods. Each of the above-listed MetaMask alternatives has its own specific use cases, advantages, and disadvantages. Hence, let’s quickly overview each of these three Web3 authentication solutions.
Magic.Link, or Magic, is brought to you by Magic Labs. It’s one of the most reputable ways to offer passwordless Web3 onboarding. Thanks to the practical Magic SDK, you can implement this advanced authentication method, create wallets, and manage keys. Also, Magic is one of those solutions that enables you to integrate blockchain-based authentication that requires only an email address, a social account, or a phone number. Thus, it is particularly appropriate for newcomers to Web3 as it creates Web3 wallets behind the scenes.
Unlike the common misconception, WalletConnect is not an app or a crypto wallet. In fact, it is an open-source protocol that may be used to create a connection between a wide range of crypto wallets and dapps. Furthermore, the WalletConnet protocol’s properties ensure that the connection between applications, wallets, or devices is safe. After all, connections established in such a manner are symmetrically encrypted via a shared key between two peers. Moreover, it’s worth pointing out that WalletConnect works with more than 100 leading wallets (visit WalletConnect’s official website for more details).
When using WalletConnect for Web3 authentication, you have two options to establish the connection between wallets and dapps. You can do this by using a deep link or by scanning a QR code. In both cases, one peer (or dapp) sends out the code or link, and the other peer needs to scan or approve it. By integrating WalletConnect into dapps, you get to offer your users safe and reliable connections.
Web3Auth is similar to Magic. After all, it also offers a great way for Web2 users to enter the Web3 realm frictionlessly. Web3Auth also offers some features that go beyond Web3 onboarding. For instance, Web3Auth’s fiat-to-crypto APIs allow your customers to purchase and interact directly with the chain in question on your dapp. This blockchain authentication alternative also eliminates seed phrases, which reduces support tickets. Moreover, We3Auth utilizes a non-custodial, multi-factor authentication method, which is a secure and decentralized way to protect private keys. Nonetheless, Web3Auht is also OAuth 2.0 compatible. Hence, it lets you verify a user on the backend via a single API.
How to Integrate a Blockchain-Based Authentication Solution
Moralis offers many different ways to integrate blockchain-based authentication. Since NextJS is quite popular, we focused on using that framework and authenticating using MetaMask in this article.
However, before we hand you over to our in-house expert’s video tutorial, let’s take a look at what you’ll be creating:
Looking at the screenshot above, you can see that it all starts with a simple click on the “Authenticate via MetaMask” button. Next, users need to select the account they want to use. They move on by clicking on the “Next” button. In the second step, users must click on “Connect”:
Then, to complete the Web3 authentication with MetaMask, users need to sign our dapp’s signature request:
Successfully authenticated users land on the “user” page:
The video further down will take you through the steps you need to complete to integrate blockchain-based authentication with NextJS and the Moralis Auth API. In short, to integrate blockchain-based authentication, you must first complete some prerequisites, including creating a Moralis account and setting up VSC. Then, for the actual dapp creation and implementation of blockchain authentication, complete the following steps:
- Use the “npx create-next-app” command to create a new NextJS dapp (see our NextJS dapp tutorial).
- Install the required dependencies (Moralis, “next-auth”, and “axios”). Also install the “wagmi” and “ethers” packages.
- Set the communication between your frontend and the backend in place. This is where you will focus on tweaking the “index.js” file. As far as the frontend goes, you will be focusing on tweaking the “_app.js” file and creating the “sign in” and “user” pages.
The above are some of the initial steps needed. For the complete code tutorial, visit our documentation page. Now, let’s look at another essential step to integrate Web3 authentication, obtaining your Web3 API key.
Obtain Your Moralis Web3 API Key for Blockchain-Based Authentication
To integrate blockchain-based authentication into your NextJS app, you must have your Moralis Web3 API key. Further, you’ll paste it into the “.env.local” file. So, in case you haven’t done so yet, use the “create your free Moralis account” link in the intro and complete the onboarding. With your Moralis account up and running, you’ll be able to access your admin area. From there, you’ll obtain your Moralis Web3 API key in two simple steps:
Here’s the video tutorial that will show you how to integrate blockchain-based authentication offered by Moralis with NextJS:
Note: You can also access the final code for the above Web3 authentication example dapp on GitHub.
Blockchain-Based Authentication – How to Integrate? – Summary
Today’s article taught you what blockchain is, how secure it is, and what a blockchain-based authentication system is. As such, you now know that blockchain is a digital distributed ledger, which, when designed properly, is highly secure. However, you also found out about the blockchain trilemma. Hence, you now know that it’s still impossible to have the highest levels of security, scalability, and decentralization simultaneously. As far as Web3 authentication goes, you now understand that it serves as a gateway to the crypto realm. Moreover, you are now aware of how useful the Moralis Auth API is. Nonetheless, you also learned about some neat Web3 authentication alternatives. Finally, you had a chance to use the Moralis Auth API to implement Web3 authentication into a NextJS app.
If you are interested in mastering the Moralis Auth API, we encourage you to complete other Web3 authentication how-to guides that await you in the Moralis docs. Also, you can take on other tutorials that this documentation offers. Moreover, you can expand your blockchain development knowledge by exploring the Moralis YouTube channel and the Moralis blog. Some of the latest topics there show you how to build BNB chain dapps fast, how to connect a dapp to the Ethereum network, how to connect a dapp to Polygon, clone Zapper, how to connect to PlayFab with Web3 using Azure Functions, and much more.
On the other hand, you may want to go full-time crypto as soon as possible. If so, you should take a more professional approach to crypto education. After all, becoming blockchain certified significantly improves your chances of landing your dream job in this disruptive industry. Thus, consider enrolling in Moralis Academy.