Today, Sui announces zkLogin, the easiest way to bring users on-chain. zkLogin, a native Sui primitive, lets users log into apps using existing Web2 credentials from such providers as Google and Twitch. It eliminates the need for users to memorize or record private keys.

With wallet creation recognized as a significant source of user friction across the blockchain industry, some protocols offer third-party services to ease user onboarding. These solutions require trust in out-of-protocol hardware or services. As a primitive, zkLogin leverages zero-knowledge cryptography native to Sui.

New users wanting to explore zkLogin-capable apps on Sui will be given the option to log in with supported Web2 credential services. zkLogin lets users bypass the high friction process of creating a wallet and managing seed phrases.

A difficult path to adoption

Without a simple log-in process, builders miss a significant opportunity to onboard potential users. When potential users hear about an exciting new game or app on a blockchain, trying it out typically involves a much more complicated process than they’re likely used to. The blockchain app asks them to connect a wallet, forcing a new user to choose a wallet, install it, then go through the unfamiliar steps of creating an account using seed phrases. Many users will just give up, resulting in significant onboarding drop off.

App developers attempting to ease user onboarding are limited to either: (1) developing and managing custodial wallets, which increases engineering and regulatory overhead, or (2) integrating a third-party authentication solution, which introduces an extra layer of dependency and trust in out-of-protocol hardware or services.

Currently no other blockchain provides a native way to integrate Web2 authentication providers for applications at the protocol level.

Enter zkLogin

zkLogin, a new Sui primitive, lets users securely create accounts and submit transactions with their Web2 login credentials. Using zero-knowledge cryptography, zkLogin is enshrined at the protocol level, meaning there are no outside dependencies apart from the Web2 authentication provider.

zkLogin provides significant convenience for end-users without compromising security. It uses temporary keypairs and zero-knowledge cryptography to connect a Web2 authentication provider’s response to a specific Sui account. When using zkLogin, the only data submitted on-chain is a zero-knowledge proof and an ephemeral signature; it does not require any user information to be submitted on-chain. Additionally, the Web2 authentication provider remains unaware that the user is operating on a blockchain, ensuring privacy.

Preserving simplicity for the user, zkLogin opaquely generates a unique Sui address tied to the individual app offering a zkLogin option. The user does not see that address and has no need to save it, as it becomes part of the login flow through the Web2 authentication provider. Web3 users may continue to use their existing wallets to access zkLogin-equipped apps. At launch, zkLogin supports Google, Facebook, and Twitch as Web2 authentication providers, with more options coming in later versions broadening the potential user pool to an even wider audience.

Why use zkLogin?

• Build for mass adoption: Any user of a compatible Web2 authentication provider can log in with familiar account details and start interacting with apps in a matter of seconds.
• Embed blockchain features in Web2 experiences: The simplicity of Web2 authentication transaction signing creates new opportunities to make blockchain capabilities as part of everyday applications.
• Enable multi-device experiences: zkLogin exploits Sui's crypto agility, making it the right place to build multi-device solutions that also leverage biometric authentication.
• Strong user privacy: No personal information lives on-chain; only the zero-knowledge proof and the ephemeral signature is submitted on-chain.

Get started with zkLogin

Sui's layer one blockchain makes digital asset ownership fast, secure, and accessible to everyone. zkLogin, one of a host of Sui primitives designed to help onboard the next billion users to Web3, serves these values by making access as simple as logging into any account.

Today zkLogin supports Google, Facebook, and Twitch as Web2 authentication providers, with more options coming in later versions broadening the potential user pool substantially.

Developers may begin implementing zkLogin on Sui Devnet now, with Mainnet availability planned in the next few weeks. The zkLogin documentation explains how to install the SDK, set up Web2 authentication flows, and manage user logins. Get started today.