Meet the Tech: NativeAuth 🧩 The MultiversX-native authentication scheme — a signed token bound to a specific origin, a recent block hash, and an expiry, issued by a wallet and verified by an API. No password, no shared secret, no centralized identity provider. Proof of wallet control, time-bounded. Standard across MultiversX dApps and backend APIs. Wired into the dApp SDK and the JS SDK. 💡 🧵

How it works: import { nativeAuth } from '@multiversx/sdk-dapp/out/services/nativeAuth/nativeAuth'; const client = nativeAuth({ origin: 'https://[myapp]', apiAddress: 'api.multiversx.com', expirySeconds: 86400 }); const initToken = await client.initialize(); // user signs initToken via their wallet const accessToken = client.getToken({ address, token: initToken, signature }); initialize() produces a token containing the origin, latest block hash, expiry, and any extra info. The user signs it. getToken() bundles the signed result into the final accessToken.

The pattern that makes it broadly useful: cryptographic expiry binding. The token includes a recent block hash. The block hash anchors the token to a specific point in MultiversX's chain history. Expiry isn't a server-side clock — it's the distance from the bound block. Once the chain has moved past bound_block + expirySeconds, the token is invalid by construction. No revocation list. No timer. token = encodedOrigin.blockHash.expirySeconds.encodedExtraInfo

What to use it for: • Wallet-gated APIs — verify the bearer token, check the signature, check the block-hash expiry. Reject if any step fails. • Single sign-on across MultiversX dApps — same scheme, different apps; the token proves wallet control without sharing credentials • Long-lived sessions with chain-anchored expiry — set expirySeconds for the lifetime you want; the chain enforces it • Multi-shard apps — blockHashShard config picks which shard's blocks anchor the tokens. Default metachain works for most apps