In today’s web, the most popular authentication methods rely on centralized identity providers that act as trusted intermediaries. Social login and single sign-on (SSO) are significant improvements over prior methods, but still give control of a person’s online identity to the biggest tech platforms, like Meta and Google. The kinds of data people share — and importantly, the protocols involved in identity and authentication — are controlled by entities whose interests do not always align with the people relying on them.
Because of this control, the pace and direction of innovation in authentication is too reliant on the largest tech platforms. These artificial constraints limit the redefinition and evolution of online identity to better reflect the complex, diverse, and rapidly-shifting nature of identity on the web.
Thankfully, the cryptography at the core of web3 enables authentication without relying on intermediaries, all while maintaining seamless interoperability with web2 and a superior user experience.
Spruce is building the full stack of open source tools and interoperability standards necessary to unbundle authentication, and rebuild it from first principles. Thanks to the proliferation of web3 wallets, internet users now have access to cryptographic private keys that can be used both on and off-chain for a wide range of interactions.
First among them is Sign-In with Ethereum (EIP-4361), a collaboration with the Ethereum Foundation and ENS, which is an open standard and new form of authentication that allows users to connect with web2 or web3 applications and control their digital identity directly using their wallet keys (no email address required), instead of through an intermediary.
SpruceID, a toolkit for decentralized identity, and Kepler, self-sovereign storage, set the stage for further innovations that build on people’s access to wallet keys and private data vaults: session keys, capability permission models, secure sharing of trusted data, radical improvements in privacy, decentralized credentialing or reputation, and more. Their product suite is a perfect example of the leap forward we’re seeing in web3. It outpaces any web2 login solution in privacy, security, and programmability without compromising the user experience.
The combination of open source and the removal of trusted intermediaries allows, for the first time, widespread permissionless innovation in authentication. Spruce’s toolkit provides new opportunities for web2 services to reduce login friction and extend the concept of digital identity, and makes it easy for web3 services to expand into the mainstream.
The Spruce team, co-founded by Wayne Chang and Gregory Rocco, has a rare combination of technical depth and long-term vision — an absolute necessity when reinventing the web’s foundational layers. Wayne and Rocco met at ConsenSys, where they worked on products bringing modern identity standards, like decentralized identifiers and verifiable credentials, to enterprise clients in the context of web3. Wayne has been a chair of W3C’s Verifiable Credentials Working Group since 2020. Their work has focused on using these advancements to bridge web2 and web3, such as allowing web3 wallets to sign human-readable data using a method that is machine-verifiable.
People need greater control over their data, privacy, and security; and builders deserve a rich and powerful foundation to advance authentication and identity. We believe that Wayne and Rocco are uniquely suited to build the software powering the identity layer for the next generation of the web, and we’re excited to join them on this journey.