Auth
Provide a smooth user experience by enabling account-to-account transfers without the need to copy and paste wallet addresses or choose the right chain.
Introduction
Our Auth product is a seamless and secure solution for enabling direct account-to-account transfers between custodial accounts (ie, exchanges, fintechs, etc) and non-custodial accounts.
Backed by a deep network of supported venues, Auth eliminates manual and error-prone transfer steps leading to fragmented user experiences. Our platform handles secure authentication, initiates transfers, and ensures visibility and adherence to key compliance/AML standards. Offered through easy-to-integrate SDK's, Auth is built for scale, security, and seamless user journeys.
See full list of Auth Integrations here
Configuration Rules
You have the ability to tailor your Auth setup per your own preferences. See below list of configuration options:
- Custodial vs. Non-custodial Accounts: Configure whether the Connect AUTH SDK displays Custodial Accounts (ie, Coinbase exchange or Robinhood exchange), Non-custodial Accounts (ie, Metamask or Phantom wallet), or both.
- Granular Account Selection: Within the Custodial vs. Non-custodial accounts selection you made, you can further customize which exact accounts are made available to end customers. For example, you can choose to exclude Binance exchange and include others that fit your preference.
- Asset and Blockchain Network Control: Select the global set of supported crypto or stablecoin assets and the blockchains they operate on that your end customers will be able to transact with. For example, you can choose to support Bitcoin, Solana, Ethereum and Aptos deposits and withdrawals, choosing to not offer Dogecoin transfers.
- Control Over Non-AUTH Transfers: We can block any deposit that is not initiated through AUTH, ensuring that only transfers from the correct, verified (KYC’d) end customer are credited to their account.
- Customizable Account Matching Logic: Configure how the account-matching algorithm works to best fit your compliance and customer verification needs. Options include fuzzy matching (ie, Jaro-Winkler) and flexible rules based on first name, last name, address, email, phone number, or any combination of these data points when linking to centralized exchanges.
Different applications of Auth
Auth can be offered as a standalone product, or bundled within one of our Move products (Account Funding, Payouts, or Payins).
Auth - Standalone
Auth - Standalone enables your users to seamlessly transfer crypto and stablecoin assets to and from their accounts on your platform - whether they're coming from custodial wallets or non-custodial sources. Think of it as a more user-friendly, integrated alternative to traditional deposit and withdrawal flows.
Auth - Bundled with Move
Zerohash offers 3 Move products:
- Payouts
- Payins
- Account Funding
You can choose to enabled Auth for any these products. Example use cases:
- Payouts: Allow users to authenticate with their MetaMask wallet via our SDK and initiate payouts directly from their marketplace balance.
- Payins: Let users authenticate with their Coinbase exchange account via our SDK and pay for goods or services directly from their balance.
- Account Funding: Enable users to connect their Gemini account through our SDK and initiate transfers to fund their prediction market balance.
Auth Lite vs. Auth Validate
Regardless of whether Auth is employed as standalone or bundled, you can choose between 2 versions:
- Auth Lite:
- Purely a tech connectivity product, there is no account-matching validation performed between the end user account and the external account being connected
- Enables faster and more flexible integrations with minimal friction for end users
- Best suited for low-risk or closed-loop environments where account ownership verification is not required
- Auth Validate:
- Performs account-matching between the KYC’d customer record and the external account being connected
- Adds a layer of identity verification to reduce the risk of misdirected transfers or fraud
- Supports compliance with internal policies or regulatory requirements requiring account ownership validation
Auth Network
For a full list up supported Auth Integrations, see the page here.
Auth - Standalone Product Flow
Platform presents zerohash Auth as a deposit option
You should begin by adding zerohash Auth as a deposit option on your "Crypto Deposit" screen (or equivalent screen).
Submit user
Regardless of whether you use Auth Lite or Auth Validate, you'll need to submit some information to us via a REST API, allowing us to generate a 6 digit alpha-numeric participant_code
that uniquely identifies the user.
For Auth Lite, you have 2 options:
- Supply your own UUID for the user
Example POST /participants/customers/new call (keep in mind - zerohash will need to quickly configure your setup to make this the only required field for this API call):
{
"participant_uuid": "d098e59b-8023-4477-8b63-68fda3c53a30"
}
- Supply either an email or phone number associated with user
{
"email": "[email protected]"
}
{
"phone_number": "1234567890"
}
Each of these calls will return a response, ie:
{
"email": "1234567890",
"participant_code": "ABC123"
}
For Auth Validate, you'll need to submit more information about the user so that zerohash can perform PII account-matching. For each platform, we'll align on the level of account-matching that you'd like us to perform. Here is our standard level of PII:
Example POST /participants/customers/new:
{
"first_name": "John",
"last_name": "Smith",
"email": "[email protected]",
"phone_number": "1234567890",
"address_1": "1 main st",
"city": "New York",
"jurisdiction_code": "US-NY",
"zip": "10014",
"date_of_birth": "1992-09-02",
"tax_id": "123456789"
}
Example response:
{
"first_name": "John",
"last_name": "Smith",
"email": "[email protected]",
"phone_number": "1234567890",
"address_1": "1 main st",
"city": "New York",
"jurisdiction_code": "US-NY",
"zip": "10014",
"date_of_birth": "1992-09-02",
"tax_id": "123456789",
"participant_code": "ABC123" <-- participant_code generated
}
Auth SDK
Once the user selects Connect - Auth, invoke the Auth SDK:
Retrieve Auth JWT token
In order to successfully invoke the Access Token, you'll need to supply a participant_code
for the user (see full instructions here). Please note that this customer must be in an approved
status for this call to succeed. Please note: the correct permission to pass here is auth
.
Invoke the SDK using the JWT token
To invoke the SDK, you'll need to have generated an JWT token (as described in the previous section). See full instructions here to invoke the JTW, including our WebView instructions.
Landing page
The Landing Page is the first screen that the user will see. This screen displays the Auth Terms, Privacy Policy, Regulatory Disclosures, and captures explicit consent for the terms of this product:

Product introduction
This screen is an introduction to how the Auth experience will work:

Menu screen
The Menu screen allows the customer select the Auth integration centralized exchange or non-custodial wallet to link and ultimately pull funds from.

Auth - Enter credentials
- Depending on what is selected, the Auth integration-specific sign-in flow will be triggered. See here for each integration's specific workflow.
- Regardless of Auth Lite vs. Auth Validate, users will be forced to enter their credentials
- Only the Auth Validate will we perform the account-matching
Auth - Select Asset
zerohash will display your current balances of whichever Auth integration you selected:

Auth - Enter amount
The customer will now specify the amount of crypto/stablecoins to deposit:

Auth - Review
The customer will be asked to review the details of the deposit:

Auth - Deposit processing
The deposit has now been broadcasted on-chain and is en-route to zerohash. The customer can choose to stay on this screen to monitor the progress, or navigate away (navigating away from this screen will not affect the completion of the deposit):

Auth - Deposit completed
The deposit has confirmed on-chain, zerohash has sent the Auth Completed webhook and you should be credit the customer's balance on your end:

Webhooks
Platforms can receive webhooks that allow you to become aware of certain milestones of the transaction. Get in touch with a zerohash rep to have your callback URL's configured
See full list of Auth Integrations here
Updated about 14 hours ago