Build with VerusID

Self-sovereign identity on the blockchain. Passwordless login, crypto payments, recoverable keys, and on-chain data — all with simple API calls.

Try It

Authentication
Login with VerusID
Scan with Verus Mobile to authenticate.
Scan QR or tap the button on mobile
Payments
Pay with VerusPay
Generate a payment QR code.
Scan to pay with Verus Mobile
Identity Lookup

Coming Soon: Identity Requests

These endpoints generate deep links using the new GenericRequest framework. They'll work once Verus Mobile merges the generic-request-changes branch. The deep links are generated live — the wallet just can't process them yet.

Identity Update
Update Content Multimap
Request a user to write data to their VerusID. The wallet will prompt them to approve.
Wallet support coming soon

Vault Security

Every VerusID has built-in security features that don't exist in normal crypto wallets. Look up any identity to see its security status.

🔒
Revocation Authority
Recovery Authority
Primary Address
Timelock
What if someone steals my private key?
With a normal wallet: Your funds are gone forever. No recourse.

With VerusID: If your identity is locked, the thief can't move any funds — even with your private key. You use your revocation authority to revoke access, then your recovery authority to restore control to a new key. All on-chain, no central authority needed.
What if I lose my private key?
Your recovery authority can update the identity to use a new primary address. If recovery is set to another VerusID you control (or a trusted party), you can always regain access. This is impossible with Bitcoin, Ethereum, or any standard crypto wallet.
What does locking actually do?
Locking sets the flags & 2 bit on-chain. When locked, no transactions can be sent from this identity — not even by the private key holder. Only the revocation authority can unlock it, and only after a timelock period (if set). Think of it as a vault door with a time delay.

# Lock an identity
./verus updateidentity '{"name":"veruscx","flags":2}'

# Unlock (starts timelock countdown)
./verus updateidentity '{"name":"veruscx","flags":0}'
How is this different from a multisig wallet?
Multisig requires multiple keys to sign every transaction — inconvenient for daily use. VerusID lets you transact normally with one key while locked, but the revocation/recovery authorities are separate keys that only activate for security events. You get convenience AND security, not one or the other.
Can I set someone else as my recovery authority?
Yes — your recovery and revocation authorities can be any VerusID. Set your spouse, your company, or a trusted friend as your recovery authority. If you lose access, they can restore it. You can also set them to yourself (self-sovereign) for full control.

Learn More

1
User clicks
Login
2
Server creates
challenge
3
User scans
QR code
4
Wallet signs
response
5
Server verifies
on-chain

No passwords. Users sign a cryptographic challenge with their VerusID. Verified against the blockchain — no credential database to leak.

No OAuth. No third-party provider. Your server talks directly to the blockchain.

Cross-platform. QR code (desktop), deep link (mobile), or browser extension. Auto-detected.

We built verus-connect — a drop-in package that handles login, payments, QR codes, deep links, and extension support.

1. Install

npm install github:Fried333/verus-connect
npm install git+https://github.com/VerusCoin/verusid-ts-client.git

2. Configure (.env)

SIGNING_IADDRESS=iYourVerusIDAddress
PRIVATE_KEY=UxYourWIFPrivateKey
CALLBACK_URL=https://yoursite.com/verusidlogin

3. Run (zero code)

npx verus-connect start

Or embed as Express middleware

const { verusAuth } = require('verus-connect/server');
app.use('/verus', verusAuth({
  iAddress: process.env.SIGNING_IADDRESS,
  privateKey: process.env.PRIVATE_KEY,
  callbackUrl: process.env.CALLBACK_URL,
}));

Frontend (login button)

<button id="login">Login with VerusID</button>
<canvas id="qr"></canvas>
<script src="https://cdn.jsdelivr.net/npm/qrcode/build/qrcode.min.js"></script>
<script>
document.getElementById('login').onclick = async () => {
  const { challengeId, deepLink } = await
    fetch('/verus/login', { method: 'POST' }).then(r => r.json());
  await QRCode.toCanvas(document.getElementById('qr'), deepLink, { width: 250 });
  const poll = setInterval(async () => {
    const d = await fetch(`/verus/result/${challengeId}`).then(r => r.json());
    if (d.status === 'verified') {
      clearInterval(poll);
      alert(`Welcome, ${d.friendlyName}!`);
    }
  }, 3000);
};
</script>

Payment button

// Supports VerusID names, i-addresses, and R-addresses
const { deep_link } = await fetch('/verus/pay-deeplink', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({ address: 'veruscx@', amount: 5 })
}).then(r => r.json());

Identity update request (v3)

// Request user to update their content multimap
const { deep_link } = await fetch('/verus/identity-update-request', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    identity: 'veruscx@',
    updates: { contentMultiMap: { 'vdxfKeyId': { msg: 'hello' } } }
  })
}).then(r => r.json());

verus-typescript-primitives — Core types: LoginConsentRequest, VerusPayInvoice, TransferDestination, VDXF keys.

verusid-ts-client — VerusID interface for signing, verifying, and RPC interaction.

Mobile Wallet Support

Login Consent RequestActive
VerusPay InvoiceActive
Identity Update RequestCode exists, disabled
Web Wallet ExtensionActive (window.verus)

Sidecar Endpoints

POST /loginCreate login challenge
GET /result/:idPoll for result
POST /pay-deeplinkGenerate payment QR — accepts name@, i-address, or R-address
POST /identity-update-requestCreate identity update request deep link (v3)
GET /healthHealth check + genericRequestSupported flag

Public RPC (api.verus.services)

getidentityIdentity by name or i-address
getcurrencyCurrency definition
getaddressbalanceAddress balance
listcurrenciesAll currencies
GitHub · Verus.io · Docs · Discord