Wallet Address Change

felipe1 · February 19, 2025, 5:29pm

I have a user on our testing environment (which runs on Sepolia and Arbitrum Sepolia) who initially signed up via email in December 2024. At that time, their wallet address was:

0xF0af42ceAb4c4e4694DbB5469337B9Ca3c20Cc9A

However, a few days ago, after signing in again, the same account returned a different wallet address:

0x7bbF3435fe7498Ad2f2EcC25f3d16380939B0876

I checked on Etherscan, and here’s what I found:

• 0x7bbF3435fe7498Ad2f2EcC25f3d16380939B0876 → 0 transactions (Etherscan link)

• 0xF0af42ceAb4c4e4694DbB5469337B9Ca3c20Cc9A → Has transactions (Etherscan link)

Has anyone encountered something like this before? Could there be an explanation for why the wallet address changed upon signing in?

w3abot · February 19, 2025, 5:32pm

Hi Felipe,

Thanks for reaching out to us with your concern.

It seems like you’re experiencing an issue where a user’s wallet address changes after signing in. This typically shouldn’t happen unless the method of key generation or some configuration changes between sessions. Here are a few things to consider that might help diagnose the issue:

Web3Auth Initialization Configuration: Ensure that the initialization parameters haven’t changed for the user’s second login. Changes in the key derivation method, such as using a different verifier, could potentially lead to this. Could you share any code snippets related to how Web3Auth is initialized in your app, specifically for the email login?
Testing Environment Details: As you mentioned using Sepolia and Arbitrum Sepolia, ensure these environments are configured consistently across both sessions. Any discrepancies here could potentially lead to different addresses being provided.
Verification Process: Double-check if the verifier settings (if you are using a custom verifier) are consistent. Changes here could also impact the wallet address.
Recent Changes: If there were any recent updates in your app or the Web3Auth SDK, these might affect behavior. Keep an eye on Web3Auth’s changelog for any breaking changes.
JWT and JWKS (if applicable): If you’re using your own authentication mechanism, there might be a setting affecting how the keys are being derived.

This information will help us better understand the context and guide you more accurately. If the issue persists, please ensure all of the above settings are consistent across sessions. If there’s anything specific you notice during initialization or the login process, feel free to share more details!

Best,
[Your Name]

Note: This response was generated by an AI bot and may require further verification. The Web3Auth support team has tracked this issue and will be responding as soon as possible.

Additionally, we would recommend you to join our biweekly Office Hours to get this resolved even faster. Web3Auth Developer Office Hours

felipe1 · February 19, 2025, 5:40pm

There was no change in the verifier.

These were the SDK versions back in December:

"@web3auth/auth-adapter": "^9.3.0",
"@web3auth/base": "^9.3.0",
"@web3auth/default-evm-adapter": "^9.3.0",
"@web3auth/ethereum-provider": "^9.3.0",
"@web3auth/no-modal": "^9.3.2",
"@web3auth/wallet-connect-v2-adapter": "^9.3.0",

And now:

"@web3auth/auth-adapter": "^9.5.4",
"@web3auth/base": "^9.5.4",
"@web3auth/default-evm-adapter": "^9.5.4",
"@web3auth/ethereum-provider": "^9.5.4",
"@web3auth/no-modal": "^9.5.4",
"@web3auth/wallet-connect-v2-adapter": "^9.5.4",

maharshi · March 3, 2025, 5:27am

Hey @felipe1
This is not expected unless any changes are made. We have a comprehensive doc enlisting what all can cause change in keys and how to prevent it if you want to. Please have a look and let me know.

felipe1 · March 5, 2025, 1:36pm

We have a single verifier with Custom Providers using JWT. And no changes were made as far as we know. Is there a way to track this?

felipe1 · March 13, 2025, 9:36am

Is there any update?

maharshi · March 13, 2025, 11:54am

@felipe1
If this is particular to a single account, please share their login method and verifier id ?
Does downgrading to the older SDK keep the address as the new one or switches it back to the old one?

felipe1 · March 17, 2025, 3:34pm

The login method was email, and the verifier is custom-verifier-jwt-firebase. The address remains the same after downgrading the SDK.

maharshi · March 25, 2025, 12:08pm

Hey @felipe1
Can you please share the client id for your project?

felipe1 · March 25, 2025, 2:42pm

Is it safe to post it publicly?

maharshi · March 26, 2025, 4:13am

Hey @felipe1
I have messaged you here, can you share your client id via DM?
Can you also share the verifier id, i.e. if it’s email then the email for the user getting different addresses or their sub if that’s the configuration?

felipe1 · March 26, 2025, 8:31am

just responded your dm