ZKsync SSO: Developer Toolkit for Better User Experience

Tl;dr ZKsync Smart Sign-On (SSO) enables developers to offer a walletless user experience and easy transaction processing for their applications with just a few lines of code. Try a demo on testnet today: nft.zksync.dev

The Challenge: Clunky and Fragmented Onboarding in Web3

As a builder, you may have faced the very common issue of clunky and fragmented onboarding, especially for non-web3 native users. Social media, gaming, and other high-use apps currently suffer from a cumbersome UX that requires repeated transaction approval via an external wallet app, which hinders mass onboarding.

Our Solution: ZKsync Smart Sign-On (SSO)

Today we are introducing ZKsync Smart Sign-On (SSO), a toolkit for devs to create Web2-like UX for Web3 applications across the Elastic Chain.

Our goal with ZKsync SSO is to provide the tools necessary for creating better user experiences without sacrificing decentralization or security. At the heart of this improvement is session management—a key feature that enables users to enjoy a Web2-like experience within Web3 applications. You can allow your users to log in through a simple, seamless flow using biometrics like FaceID, eliminating the need to create a seed phrase. Users retain full control over their private keys and can choose to sign transactions individually or approve a temporary session key. This session key empowers the user or application to sign transactions on the user's behalf within pre-approved rules and limits, eliminating the need to sign each transaction individually. By leveraging sessions, users stay within the app and enjoy a smoother, more intuitive user flow that mirrors the convenience they're accustomed to in traditional online platforms.

See ZKsync SSO in Action

To see it in action, try out our demo app here or check out this video comparing the old way versus ZKsync SSO:

What is ZKsync SSO

A user- and developer-friendly modular smart account implementation on ZKsync that simplifies user authentication, session management, and transaction processing.

Core Features:

  • 🧩 Modular smart accounts based on ERC-7579

  • 🔑 Passkey authentication (no seed phrases)

  • ⏰ Sessions w/ easy configuration and management (web2 UX)

  • 💰 Integrated paymaster support

  • ❤️‍🩹 Account recovery (Coming Soon)

  • 💻 Simple SDKs: JavaScript, iOS/Android (Coming Soon)

  • 🤝 Open-source Auth Server

  • 🎓 Examples to get started quickly

Why Choose ZKsync SSO

For Developers and Founders:

  • Easy Integration: Incorporate ZKsync SSO into your app swiftly with just a few lines of code using our SDK, which is compatible with most of the onboarding libraries. Adding session key support into your app has never been easier.

  • Improved User Retention: Allow users to log in using their existing passkeys, enhancing stickiness.

  • User-Friendly Experience: Users authenticate once using biometrics and can approve a temporary session that allows your application to sign transactions on the user’s behalf, eliminating repeated prompts.

  • Secure and Transparent: Wallet-agnostic, open-sourced, and backed by self-custody, eliminating single points of failure.

  • Modular and Customizable: Built on the ERC-7579 standard, allowing for tailored functionalities.

  • Robust Security: Supported at the ZKsync protocol layer, leveraging zero-knowledge proofs and Ethereum security.

For Your Users:

  • Complete Control: Self-custodial wallets give users ownership of their data and assets.

  • Biometric Security: Login using fingerprint or FaceID, eliminating the need for passwords.

  • Web2-like Experience: No repeated signatures through an external wallet. Users simply interact with the app to perform their actions, just as it should be.

  • Seamless Access: Access all apps on ZKsync Era and, in the future, across the Elastic Chain ecosystem.

How ZKsync SSO works

The ZKsync SSO consists of three components that work together to offer a seamless experience for both developers and users: the Developer SDK, Auth Server, and Smart Contracts.

  1. The Developer SDK is a client-side library that simplifies integration into applications, handling authentication and session management with features like passkey support and spend limit controls.

  2. The Auth Server is a single-page application that acts as a non-custodial intermediary between client applications and ZKsync. It manages key aspects of the authentication process, including passkey creation, session settings, and transaction signatures.

  3. The Smart Contracts deployed on ZKsync form the backbone of the SSO system, managing accounts, passkeys, and sessions. These contracts implement the ERC-7579 modular account standard, facilitate efficient deployment of new user accounts, and enforce spend limits for session keys.
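
To make the "pre-approved rules and limits" of a session concrete, the following added example (not code from the ZKsync SSO SDK or contracts) models in JavaScript how a session key's authority is bounded by an expiry, an allowed-target list and a cumulative spend cap. The policy fields, class name and placeholder addresses are hypothetical.

```javascript
// Conceptual model of session-key policy enforcement (added example).
// All names are hypothetical; this is not the ZKsync SSO SDK or contract code.

// Constructed sample policy: what the user approved when creating the session.
const samplePolicy = {
  sessionKey: "0xSESSION_KEY_PLACEHOLDER",
  expiresAt: 1_700_003_600, // unix seconds
  allowedTargets: new Set(["0xNFT_CONTRACT_PLACEHOLDER"]),
  spendLimitWei: 10n ** 17n, // 0.1 ETH cap for the whole session
};

class SessionValidator {
  constructor(policy) {
    this.policy = policy;
    this.spentWei = 0n; // running total across the session
  }

  // Returns { ok, reason }. State changes only when the call is accepted.
  validate(tx, nowSeconds) {
    const p = this.policy;
    if (tx.signer !== p.sessionKey) return { ok: false, reason: "unknown-signer" };
    if (nowSeconds >= p.expiresAt) return { ok: false, reason: "expired" };
    if (!p.allowedTargets.has(tx.to)) return { ok: false, reason: "target-not-allowed" };
    // BigInt only: floating-point amounts would make the limit check inexact.
    if (typeof tx.valueWei !== "bigint" || tx.valueWei < 0n)
      return { ok: false, reason: "bad-value" };
    // The cap is cumulative, so many small transfers cannot exceed it.
    if (this.spentWei + tx.valueWei > p.spendLimitWei)
      return { ok: false, reason: "spend-limit-exceeded" };
    this.spentWei += tx.valueWei;
    return { ok: true, reason: "ok" };
  }
}

// Replays a constructed sequence of session-signed transactions.
function runSample() {
  const v = new SessionValidator(samplePolicy);
  const base = { signer: samplePolicy.sessionKey, to: "0xNFT_CONTRACT_PLACEHOLDER" };
  const t0 = 1_700_000_000;
  return [
    v.validate({ ...base, valueWei: 6n * 10n ** 16n }, t0),
    v.validate({ ...base, valueWei: 6n * 10n ** 16n }, t0 + 10), // would total 0.12 ETH
    v.validate({ ...base, to: "0xOTHER_PLACEHOLDER", valueWei: 1n }, t0 + 20),
    v.validate({ ...base, valueWei: 4n * 10n ** 16n }, t0 + 30), // reaches the cap exactly
    v.validate({ ...base, valueWei: 0n }, t0 + 3600), // at expiry
  ].map((r) => r.reason);
}
```

The property worth testing in any session design is the one the rejected calls show: a leaked session key can do no more than the remaining budget, on the approved targets, until expiry.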

How to Get Started with ZKsync SSO?

You're invited to start building with ZKsync SSO on testnet today. This implementation is undergoing external audit and will be released to mainnet as soon as the audit completes, so hop on in below and share your feedback.

What’s Next for ZKsync SSO?

We're excited to build ZKsync SSO alongside our community; your feedback is crucial in creating a product that truly meets the needs of our developer community. Share your ideas with us today and help shape our roadmap.

In the meantime, we're focusing on hardening and productionizing SSO. Key features include:

  • Additional Signer Options: Adding EOAs as optional signers for SSO and adding support for multiple passkeys to enable cross-device compatibility.

  • Recovery and Multifactor Approvals: Implementing robust recovery options and multifactor approval processes to ensure funds are never lost or stolen, adding extra layers of security.

We also have upcoming offerings:

  • For ZK Chains: ZK Chains can use SSO as a white-label wallet infrastructure with native interoperability support, offering integrated wallets that enhance user experience while maintaining seamless connectivity within the ecosystem.

  • For Enterprises: Developing a fully embedded enterprise wallet SDK that allows users to have self-custodial on-chain accounts without redirects to an authentication server for passkey validation—all actions occur within the application. User passkeys will function exclusively within the enterprise application, streamlining operations and enhancing security.
