Skip to main content

Token gating

Wallets that hold ≥ GATING_MIN_BALANCE of the gating token get free unlimited scans. Default:

VarValue
GATING_TOKEN_ADDRESS0xBA7cd6d68dd9dF817d1a86f534E29Afe54461B07
GATING_TOKEN_CHAIN_ID8453 (Base)
GATING_MIN_BALANCE1 (in token base units)

Flow

1. GET  /auth/nonce           → nonce
2. POST /auth/verify          → { message, signature } (SIWE)
3. POST /scan                 → gating middleware checks balanceOf
                                of the connected wallet on the gating
                                chain. If >= min, request proceeds.

The session is stored in an iron-session sealed cookie (SESSION_SECRET). Sessions expire after 7 days.

Frontend integration

const nonce = await getNonce();
const message = new SiweMessage({ ... nonce }).prepareMessage();
const signature = await signMessageAsync({ message });
await verifySiwe(message, signature);

See apps/web/src/components/SiweButton.tsx.