ERC-7585: Permitted Authentication Scheme
ERC-7585 generalises ERC-4361 (Sign-In with Ethereum) to any chain. Where SIWE is Ethereum-specific (chainId in caip-2 form, address derivation via keccak256), ERC-7585 lets the signer specify the chain, address-derivation algorithm, and signature scheme — so a single auth library handles Ethereum + Neo + Solana + Cosmos + others uniformly.
Used by:
- Multi-chain dApps that want one sign-in flow across chains.
- Wallet aggregators that authenticate users by any chain identity.
- Cross-chain identity registries linking the same user's multiple chain identities.
Required Message Format
example.com wants you to sign in with your account:
caip-10:neo3:894710606:NhMYxG5ATmRjSy6ocnPxrA2DiYba6xhFqu
Authentication scheme: caip-122
Version: 1
Nonce: ...
Issued At: ...
Expiration Time: ...
Resources:
- ipfs://Qm...The CAIP-10 identifier names both the chain (caip-2 prefix) and the address; CAIP-122 names the signature/auth scheme (e.g. secp256k1-keccak, secp256r1-sha256, ed25519). A verifier implementing ERC-7585 dispatches to the right verification routine based on the scheme tag.
Neo Equivalent: Native Witness Over Scheme-Tagged Message
Neo's witness model already provides the per-curve verification hooks; the only addition is the scheme-tag in the signed message so multi-chain verifiers can dispatch correctly:
public static bool VerifyAuth(
ByteString domain, ECPoint pubKey,
string scheme, // "caip-122/secp256r1-sha256"
ByteString nonce,
BigInteger expirationTime,
ByteString signature)
{
if (Runtime.Time > expirationTime) throw new Exception("AUTH:Expired");
if (scheme != "caip-122/secp256r1-sha256") throw new Exception("AUTH:UnsupportedScheme");
var msg = domain
.Concat((ByteString)scheme)
.Concat(nonce)
.Concat((ByteString)(byte[])expirationTime.ToByteArray())
.Concat((ByteString)pubKey.EncodePoint(true));
return (bool)CryptoLib.VerifyWithECDsa(msg, pubKey, signature, NamedCurveHash.secp256r1SHA256);
}| ERC-7585 (Ethereum) | Neo Equivalent | Notes |
|---|---|---|
| CAIP-10 chain-and-address identifier | caip-10:neo3:{network}:{address} | Same standard, neo3 prefix |
| CAIP-122 scheme tag | caip-122/secp256r1-sha256 for Neo native | Tags Neo's signature scheme |
| ECDSA recovery | CryptoLib.VerifyWithECDsa | Direct port |
| EIP-712 typed-data option | Native witness over canonical bytes | Simpler shape |
Composition
- ERC-4361 — SIWE. ERC-7585 is the multi-chain generalisation.
- EIP-712 — typed structured data signing. ERC-7585 uses CAIP-122 over the typed data envelope.
- ERC-1271 — smart contract signatures. ERC-7585 honours contract signers via 1271 dispatch.
Migration Notes
For multi-chain dApp auth servers:
- Adopt the CAIP-2 / CAIP-10 / CAIP-122 standards in your server-side library.
- Per-chain verifiers register their schemes — Ethereum:
secp256k1-keccak, Neo:secp256r1-sha256, Solana:ed25519. - The dApp's sign-in message includes the user's CAIP-10 identifier; the verifier dispatches to the right routine.
For Neo specifically, the on-chain footprint is the same as the ERC-4361 mirror — primarily off-chain server library work.