Security Model

Understand what each plugin verifies and where sessions are created.

The direct and QR flows solve different trust problems. Keep that distinction explicit in your integration.

Direct sign-in

The direct plugin verifies a Nimiq-signed message over a server-issued nonce. The nonce record stores the origin that requested it and expires after a short TTL. On verify the plugin deletes the nonce, so it is single-use, then links the normalized public key to an existing Better Auth user record or creates one.

QR sign-in

The QR plugin adds one more layer:

  • a random challenge id
  • a random signer nonce
  • a short confirmation code
  • a desktop-only poll cookie, stored in the database only as a hash

The phone signs only the server-issued message. The desktop receives the Better Auth session only when it presents the matching poll cookie on the status poll.

Boundaries

  • The phone does not mint the Better Auth session.
  • The QR does not contain a Better Auth session token.
  • The plugin can enforce same-origin completion.
  • The signer provider decides how to verify the phone assertion.

What stays outside this repo

Mnemonic entry on desktop is a separate product decision. These packages focus on mini-app key ownership and signed-message approval, not general-purpose wallet recovery.

Copyright © 2026