ReactLogin methods

[NEW] On-chain Passkeys

This feature is in early access.

The WebAuthn Modular Account enables password-less authentication on-chain using passkeys (via WebAuthn), and is compatible with Alchemy’s Account Kit. This guide demonstrates how to register credentials, authenticate users, and send user operations using the @account-kit/smart-contracts package.

Instead of on-device verification it’s on-chain verification. Devs are responsible for generating the credentials attached to those biometric webauthn compatible passkeys and then using our signer.

Prerequisites

  • A frontend environment (React, Vite, Next.js, etc.)
  • Browser with WebAuthn and Credential Management API support
  • Install Alchemy Account Kit SDK smart contracts package (use the latest version - at least 4.52.1) and Viem
$  yarn add @account-kit/[email protected] @account-kit/[email protected] viem

Example Workflow

  1. User registers a WebAuthn credential
  2. Credential ID and public key are stored locally
  3. On login, navigator.credentials.get() fetches the credential
  4. The app creates a client using the credential
  5. A user operation is signed and sent

Register WebAuthn Credential

You are responsible for retaining your users’ public keys. Public keys generated by the WebAuthn specification are only retrievable once on the initial creation of the credential. As a precaution, we strongly suggest adding a secondary off-chain signer to use for account recovery

import { 
function createWebAuthnCredential(parameters: CreateWebAuthnCredentialParameters): Promise<CreateWebAuthnCredentialReturnType>
createWebAuthnCredential } from "viem/account-abstraction";

const 
const credential: P256Credential
credential = await 
function createWebAuthnCredential(parameters: CreateWebAuthnCredentialParameters): Promise<CreateWebAuthnCredentialReturnType>
createWebAuthnCredential({
  
name: string
Name for the credential (user.name).
name: "Credential Name",
});

// store credential id to public key mapping
// NOTE: use of localStorage is for TESTING PURPOSES ONLY, NOT FOR PRODUCTION USE

any
localStorage.
any
setItem(
const credential: P256Credential
credential.
id: string
id, 
const credential: P256Credential
credential.
publicKey: `0x${string}`
publicKey); //credentialIdAsBase64Encoded -> publicKeyHex

Login With Credential

import { 
function createModularAccountV2Client<TChain extends Chain = Chain, TSigner extends SmartAccountSigner = SmartAccountSigner<any>>(args: CreateModularAccountV2AlchemyClientParams<AlchemyTransport, TChain, TSigner>): Promise<ModularAccountV2Client<TSigner, TChain, AlchemyTransport>> (+1 overload)
createModularAccountV2Client } from "@account-kit/smart-contracts";
import { 
function alchemy(config: AlchemyTransportConfig): AlchemyTransport
Creates an Alchemy transport with the specified configuration options. When sending all traffic to Alchemy, you must pass in one of rpcUrl, apiKey, or jwt. If you want to send Bundler and Paymaster traffic to Alchemy and Node traffic to a different RPC, you must pass in alchemyConnection and nodeRpcUrl.
alchemy, 
const arbitrumSepolia: Chain
arbitrumSepolia } from "@account-kit/infra";

const 
const publicKeyRequest: PublicKeyCredentialRequestOptions
publicKeyRequest: 
type PublicKeyCredentialRequestOptions = /*unresolved*/ any
PublicKeyCredentialRequestOptions = {
  
challenge: any
challenge: 
var Uint8Array: Uint8ArrayConstructor
A typed array of 8-bit unsigned integer values. The contents are initialized to 0. If the requested number of bytes could not be allocated an exception is raised.
Uint8Array.
any
fromHex("0x"), // Generate a random challenge
  
rpId: string
rpId: "localhost", // should match your dApp domain
};

// retrieve available passkeys for the provided domain
const 
const publicKeyCredential: any
publicKeyCredential = await 
any
navigator.
any
credentials.
any
get({
  
publicKeyRequest: PublicKeyCredentialRequestOptions
publicKeyRequest,
});

if (
const publicKeyCredential: any
publicKeyCredential) {
  // verify that passkey with corresponding id exists on dApp
  const 
const publicKeyHex: any
publicKeyHex = 
any
localStorage.
any
getItem(
const publicKeyCredential: any
publicKeyCredential.
any
id);
  if (!
const publicKeyHex: any
publicKeyHex) throw new 
var Error: ErrorConstructor
new (message?: string) => Error
Error("Account does not exist");

  // create client to send transactions on behalf of verified user
  const 
const accountClient: {
    [x: string]: unknown;
    account: ModularAccountV2<SmartAccountSigner<any>>;
    batch?: {
        multicall?: boolean | Prettify<MulticallBatchOptions> | undefined;
    } | undefined;
    ... 83 more ...;
    extend: <const client extends {
        ...;
    } & ExactPartial<...>>(fn: (client: Client<...>) => client) => Client<...>;
}
accountClient = await 
createModularAccountV2Client<Chain, SmartAccountSigner<any>>(args: CreateModularAccountV2AlchemyClientParams<AlchemyTransport, Chain, SmartAccountSigner<any>>): Promise<...> (+1 overload)
createModularAccountV2Client({
    
policyId?: string | string[] | undefined
policyId: "YOUR_POLICY_ID",
    
mode?: "default" | "7702" | undefined
mode: "webauthn",
    
credential: {
    id: any;
    publicKey: any;
}
credential: {
      
id: any
id: 
const publicKeyCredential: any
publicKeyCredential.
any
id,
      
publicKey: any
publicKey: 
const publicKeyHex: any
publicKeyHex,
    },
    
rpId: string
rpId: "localhost",
    
chain: {
    blockExplorers?: {
        [key: string]: ChainBlockExplorer;
        default: ChainBlockExplorer;
    } | undefined;
    ... 7 more ...;
    testnet?: boolean | undefined;
} & ChainConfig<...>
Chain for the client.
chain: 
const arbitrumSepolia: Chain
arbitrumSepolia,
    
transport: AlchemyTransport
The RPC transport
transport: 
function alchemy(config: AlchemyTransportConfig): AlchemyTransport
Creates an Alchemy transport with the specified configuration options. When sending all traffic to Alchemy, you must pass in one of rpcUrl, apiKey, or jwt. If you want to send Bundler and Paymaster traffic to Alchemy and Node traffic to a different RPC, you must pass in alchemyConnection and nodeRpcUrl.
alchemy({ 
apiKey: string
apiKey: "YOUR_ALCHEMY_API_KEY" }),
  });
}
ParameterTypeDescription
policyIdstringYour account policy UUID from the Alchemy dashboard
mode"webauthn"Specifies credential mode
credentialobject{ id: string, publicKey: Address }
rpIdstringRelying Party ID (e.g., localhost or your domain)
chainChainNetwork config (e.g., arbitrumSepolia)
transportTransportAlchemy or custom RPC transport

Send User Operation

1const operation = await accountClient.sendUserOperation({
2  uo: {
3    target: "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045", // Example: Vitalik's address
4    data: "0x", // No calldata
5    value: parseEther("0"),
6  },
7});

React Native Integration

Get your React Native environment set up by following these docs. Once you’ve completed this setup, you can use the webauthn signer as detailed above!

localStorage is not available in React Native. Please use an alternative storage method.

What’s Next

This is only the initial SDK release for on-chain passkeys. We are actively working on the DevX so your feedback will be greatly appreciated. If you have any questions or are interested in learning more, please reach out!