Ethereum Guide

AI Agent Authentication

Authenticate AI agents using Ethereum wallet signatures. Challenge-response auth, 2-minute tokens, and on-chain identity verification.

Why Wallet-Based Agent Auth?

Wallet-based auth is the right model for AI agents. Each agent has a unique Ethereum address, signs challenges with its private key, and receives short-lived tokens (2-min TTL).

Challenge-Response Flow

Authentication works like blockchain transactions: the server issues a nonce, the agent signs it, and the server verifies the signature matches the registered wallet. No secrets are transmitted.

Verification

GitHat provides public verification endpoints. Call GET /verify/agent/{wallet_address} to check if an AI agent is registered and authenticated. No auth required — fully public.

Install

npm install ethers

Example

// Agent authentication with ethers.js
const { ethers } = require('ethers');
const wallet = new ethers.Wallet(AGENT_PRIVATE_KEY);

// Step 1: Get challenge nonce
const { nonce } = await fetch('https://api.githat.io/agent/challenge', {
  method: 'POST',
  body: JSON.stringify({ wallet: wallet.address })
}).then(r => r.json());

// Step 2: Sign the nonce
const signature = await wallet.signMessage(nonce);

// Step 3: Exchange for token (2-min TTL)
const { access_token } = await fetch('https://api.githat.io/agent/token', {
  method: 'POST',
  body: JSON.stringify({ wallet: wallet.address, signature, nonce })
}).then(r => r.json());
Try GitHat free

Ship authenticated apps in minutes, not weeks.

Related