Change Details

Context: https://linear.app/comm/issue/ENG-2226/add-nonce-to-cookie-session This table will hold `nonce`s for the SIWE flow. Entries will be created on calls to the `siwe_nonce` endpoint... at which point any "stale" nonces for a given `ethereum_address` will be clobbered/deleted. Entries will be checked during calls to `siwe_verify` (tentative name) to ensure that the `ethereum_address` and `nonce` in the signed message match what's in the `siwe_nonces` table AND that the `creation_time` is < 30 minutes ago. After the entry is successfully checked it'll be deleted from the `siwe_nonces` table... we never care about the value of the `nonce` again. Entries will also be "swept up" by some sort of "cron" script that runs every so often to clean up expired `nonce`s. Here's a rough sketch of the design that I'm working off of:

Context: https://linear.app/comm/issue/ENG-2226/add-nonce-to-cookie-session This table will hold `nonce`s for the SIWE flow. Entries will be created on calls to the `siwe_nonce` endpoint... at which point any "stale" nonces for a given `ethereum_address` will be clobbered/deleted. Entries will be checked during calls to `siwe_verify` (tentative name) to ensure that the `ethereum_address` and `nonce` in the signed message match what's in the `siwe_nonces` table AND that the `creation_time` is < 30 minutes ago. After the entry is successfully checked it'll be deleted from the `siwe_nonces` table... we never care about the value of the `nonce` again. Entries will also be "swept up" by some sort of "cron" script that runs every so often to clean up expired `nonce`s. Here's a rough sketch of the design that I'm working off of: {F287238}

Context: https://linear.app/comm/issue/ENG-2226/add-nonce-to-cookie-session This table will hold `nonce`s for the SIWE flow. Entries will be created on calls to the `siwe_nonce` endpoint... at which point any "stale" nonces for a given `ethereum_address` will be clobbered/deleted. Entries will be checked during calls to `siwe_verify` (tentative name) to ensure that the `ethereum_address` and `nonce` in the signed message match what's in the `siwe_nonces` table AND that the `creation_time` is < 30 minutes ago. After the entry is successfully checked it'll be deleted from the `siwe_nonces` table... we never care about the value of the `nonce` again. Entries will also be "swept up" by some sort of "cron" script that runs every so often to clean up expired `nonce`s. Here's a rough sketch of the design that I'm working off of: {F287238}