Error: Signer address does not match payload address

[davidicon]

Hi, I am encountering a subjected error after signing in with a Safe (Multisig wallet).

Framework: Next.js 14

I'm using the ConnectWallet component to connect/sign in through the Safe wallet. It works fine with wallets other than Safe, but it only throws this subjected error after signing in from the Safe wallet accessed through safe.global."

Component to connect/sign wallet

<ConnectWallet
          theme={'dark'}
  />

"app/api/auth/[...thirdweb]/route.ts"

export const { ThirdwebAuthHandler, getUser } = ThirdwebAuthAppRouter({
  domain: "localhost:3008",
  wallet: new PrivateKeyWallet(process.env.WALLET_KEY || ""),
  callbacks: {
    onLogin: async (userAddress) => {
      return userAddress
    },
    onUser: async (userAddress) => {
      return userAddress
    },
  }
});

export { ThirdwebAuthHandler as GET, ThirdwebAuthHandler as POST }; 

App wrapped

            supportedChains={[Polygon,Sepolia]}
              queryClient={queryClient}
              activeChain={Polygon}
              clientId="xxxxxxxxxxx"
              supportedWallets={[
                  safeWallet({

                    personalWallets:[
                      metamaskWallet(),
                    ]
                  }), 
              ]}
              authConfig={{
                  authUrl: "/api/auth",
                  domain:"http://localhost:3008/",
              }}
          >
                  {children}
          </ThirdwebProvider>```

[joaquim-verges]

thanks for the report @davidicon - it seems to works on the thirdweb dashboard so might something obvious missing here. adding @MananTank for support.

just checking - are you on the latest versions of the auth and react packages?

[davidicon]

Thank you for quick response, yes I am on latest below are I am using,

"@thirdweb-dev/auth": "^4.1.32",
"@thirdweb-dev/react": "^4.4.8",
"@thirdweb-dev/sdk": "^4.0.36",

I have tested on different version of 4 getting same issue, You are right its work on thirdweb dashboard, also it also work on version 3 but not on 4,

[joaquim-verges]

@davidicon you're saying your setup works with @thirdweb-dev/react@3 ? cc @MananTank

[davidicon]

Yes I tried with thirdweb-auth-next and it works as expected but not on v4 latest

V3 didn't support latest Nextjs 14

[MananTank]

Hi @davidicon Thanks for reporting this, I'm looking into this

[MananTank]

Hey @davidicon, We are still investigating this issue. We have found that the bug was introduced recently. Please use the below version which is the latest version with working auth with Safe signer

"@thirdweb-dev/auth": "4.1.27",
"@thirdweb-dev/react": "4.4.2",
"@thirdweb-dev/sdk": "4.0.30",

[davidicon]

4.1.27

Just tested with the given version getting same error

[MananTank]

Hi @davidicon. Can you try signin-in in this example?: https://next-typescript-starter-git-mnn-app-router-safe-sign.thirdweb-preview.com/

I've tested it out and the sign-in works for me.

Code used in this example: https://github.com/thirdweb-example/next-typescript-starter/pull/19/files

I've used following versions in the example:

"@thirdweb-dev/auth": "4.1.31",
"@thirdweb-dev/react": "4.4.2",
"@thirdweb-dev/sdk": "4.0.30",

Note that I'm using 4.1.31 instead of 4.1.27 that I've suggested in earlier comment. while both works on dev - 4.1.31 fixes a build time typescript issue which was present in 4.1.27

[davidicon]

Yes I tried on the given example, its working But don't know why its not working on Nextjs 14 with App directory

[davidicon]

Hi @davidicon. Can you try signin-in in this example?: https://next-typescript-starter-git-mnn-app-router-safe-sign.thirdweb-preview.com/

I've tested it out and the sign-in works for me.

Code used in this example: https://github.com/thirdweb-example/next-typescript-starter/pull/19/files

I've used following versions in the example:

"@thirdweb-dev/auth": "4.1.31",
"@thirdweb-dev/react": "4.4.2",
"@thirdweb-dev/sdk": "4.0.30",

Note that I'm using 4.1.31 instead of 4.1.27 that I've suggested in earlier comment. while both works on dev - 4.1.31 fixes a build time typescript issue which was present in 4.1.27

Good day, I just deploy to demonstrate with the recommended versions, but still i am getting same error, I tested on Polygon Mainnet, can you please have quick look. Your support will be highly appreciated. Thank you.

Github Repo: https://github.com/davidicon/thirdweb Vercel Deployment: https://thirdweb-omega.vercel.app/

[MananTank]

Hi @davidicon - I was able to replicate the issue in my example app with Next.js 14 but it works as expected in Next.js 13.

Can you use Next.js 13 for now while we figure out the root cause of this issue and rollout a fix for this?

[the-rpc]

thanks for the report @davidicon - it seems to works on the thirdweb dashboard so might something obvious missing here. adding @MananTank for support.

just checking - are you on the latest versions of the auth and react packages?

It looks like this issue has made its way into the ThirdWeb Dashboard. @MananTank are there any updates on this issue?

[MananTank]

Hey @the-rpc, Thanks for reporting this issue, We are looking into this

[MananTank]

Hi @the-rpc, Sorry for the late response here.

We have found the root cause of this issue. The problem was not passing secretKey in ThirdwebAuth / ThirdwebAuthAppRouter.

Adding secretKey in ThirdwebAuthAppRouter as shown below fixes this issue

ThirdwebAuthAppRouter({
  domain,
  wallet,
  thirdwebAuthOptions: {
    secretKey: '...' // <- Need to pass this
  },
});

You can get a secret key + client key by creating an API Key on https://thirdweb.com/create-api-key

[the-rpc]

Thank you @MananTank for the update and insight into the issue. I was able to get it working in a local project. Has this fix been deployed to the ThirdWeb Dashboard so I can manage contracts there while logged in via Safe?

[jnsdls]

Thank you @MananTank for the update and insight into the issue. I was able to get it working in a local project. Has this fix been deployed to the ThirdWeb Dashboard so I can manage contracts there while logged in via Safe?

yep, all fixed!