controller-signers
npx skills add https://github.com/cartridge-gg/docs --skill controller-signers
Agent 安装分布
Skill 文档
Controller Signers & Authentication
Controller supports multiple authentication methods (signers) for flexibility and security.
Supported Signer Types
| Type | Description | Best For |
|---|---|---|
webauthn |
Passkey (biometric/hardware key) | Primary auth, most secure |
google |
Google OAuth | Easy onboarding |
discord |
Discord OAuth | Gaming communities |
twitter |
Twitter/X OAuth | Social integration |
argent |
Argent wallet (Starknet) | Starknet native users |
braavos |
Braavos wallet (Starknet) | Starknet native users |
metamask |
MetaMask (desktop only) | EVM users |
phantom-evm |
Phantom EVM mode (desktop only) | Multi-chain users |
rabby |
Rabby wallet (desktop only) | Security-focused users |
walletconnect |
WalletConnect (desktop only) | Cross-device |
password |
Email/password | Testing only |
Warning: Password authentication is non-recoverable. If users lose their password, they permanently lose account access. Do not use in production.
Configuring Auth Options
const controller = new Controller({
signupOptions: [
"webauthn", // Passkeys
"google", // Google OAuth
"discord", // Discord OAuth
"twitter", // Twitter/X OAuth
"argent", // Argent wallet
"braavos", // Braavos wallet
"metamask", // MetaMask (desktop)
"phantom-evm", // Phantom (desktop)
"rabby", // Rabby (desktop)
"walletconnect",// WalletConnect (desktop)
],
});
Order reflects UI order. With one option, branded buttons appear.
Dynamic Authentication
Override auth options per connection:
// Default options
const controller = new Controller({
signupOptions: ["webauthn", "google", "discord"],
});
// Branded Phantom flow
await controller.connect(["phantom-evm"]);
// Branded Google flow
await controller.connect(["google"]);
Branded Buttons
Single signer config shows branded styling:
// Shows "sign up with Phantom" button with Phantom branding
const controller = new Controller({
signupOptions: ["phantom-evm"],
});
Passkey Authentication
Platform support: iOS (Face ID/Touch ID), Android, Windows Hello, password managers (Bitwarden, 1Password).
Passkeys are backed up via:
- Apple: iCloud Keychain
- Android: Google account
- Windows: Windows account
Social Login
Uses Auth0 + Turnkey wallet infrastructure:
- Popup OAuth flow (fallback to redirect if blocked)
- OIDC token validation with nonce
- Turnkey wallet creation linked to social account
Native app limitation: OAuth may not work in webviews. Use passkeys for native apps.
External Wallets
Starknet Wallets
- Argent: Advanced security features, account management
- Braavos: Built-in security features
EVM Wallets (Desktop Only)
- MetaMask: Popular browser extension
- Rabby: Security-focused multi-chain
- Phantom: Multi-chain with EVM support
Cross-Platform
- WalletConnect: QR code or deep link connection
Note: EVM wallets are automatically hidden on mobile browsers.
Chain Switching
const success = await controller.externalSwitchChain(
"metamask", // wallet type
chainId // target chain (hex)
);
Braavos does not support chain switching.
Transaction Confirmation
const response = await controller.externalWaitForTransaction(
"metamask",
txHash,
30000 // timeout ms
);
if (response.success) {
console.log("Receipt:", response.result);
} else {
console.error("Error:", response.error);
}
Multi-Signer Management
Add backup signers via Settings > Signer(s) > Add Signer (Mainnet only).
To remove a signer:
- Navigate to Settings > Signer(s)
- Find the signer to remove
- Click Remove option
Best practices:
- Add 2-3 different signer types for recovery
- Test each auth method periodically
- Remove compromised signers promptly
Account Synchronization
Argent and Braavos wallets auto-sync when user switches accounts in wallet.
Controller registers accountsChanged listener and updates state automatically.
Note: Account synchronization is currently only available for Starknet wallets (Argent and Braavos). Other external wallets maintain existing connection behavior.
Platform-Specific Configuration
const isMobile = /iPhone|iPad|iPod|Android/i.test(navigator.userAgent);
const authOptions = isMobile
? ["webauthn", "google", "discord", "argent", "braavos"]
: ["webauthn", "google", "discord", "argent", "braavos", "metamask", "walletconnect"];
await controller.connect(authOptions);