How does it work?

The Login with Lightning button is powered by LNURL-auth, a lightweight authentication protocol that is easy to use, easy to implement, and respects the user's privacy.

What is LNURL-auth?

LNURL-auth is a generic authentication protocol. It authenticates the user using digital signatures, which means that the user needs to have a public-private key pair. Thanks to the rising popularity of lightning wallets, more and more users are in possession of and have easy access to such keys.

Consequently, users are identified by their public keys, nothing else. The protocol does not require any other identifying information such as passwords, emails, usernames, or similar.

How does it work?

In short: the seed of your bitcoin wallet is used to generate secret authentication keys. As soon as you want to log in to a website, the website will pose a specific challenge that you can only solve with your secret authentication key.

A more technical explanation can be found here.

Are identities persistent?

Yes, but it does not transfer across sites or wallets.

Because a different authentication key is generated for every domain, you will be identified by a different public key for every site. Your identities can not be associated across domains.

However, as long as you log in to a site with the same wallet, you will have the same identity.

Who uses it?

A list of services that make use of LNURL-auth is maintained here.

Additional Resources

The following resources should be helpful if you want to learn more.