Rationale

We are encountering several use cases where the frontend must authenticate the user before interacting with the backend on the user's behalf. The obvious solutions such as "signing a message each time" or "signing just once and store the signed message", lead to re-inventing Sign-In-With-Ethereum (SIWE) aka EIP-4361.

Scope

Experiment with the SpruceID SSX SDK on a subset of the court frontend and evaluate if it provides any value.

For example:

• Authenticate before sending a query to retrieve the current notification settings of the user
• Authenticate before sending a query to modify them.

Acceptance

The user should only need to sign once message (excluding commit/reveal for now).
The SSX SDK should make it easy to handle the signed message and verify it when accessing backend resources.