Sign in With Google Bittensor

Standard OAuth authentication powered by on-chain identity and permissions.

Use wallets as identities.

Use on-chain state as access control.

Configure Auth Client View Github

Works with any OAuth2 or OIDC library

THE PROBLEM

Bittensor identity has no standard authentication layer

Custom auth gets rebuilt for every subnet

OAuth doesn't understand miners or stake

Off-the-shelf tools can't authenticate

Can't login with a browser wallet

Wallet = Identity

Chain State = Permissions

OAuth = Access Token

SOLUTION

OAuth – Backed by the Chain

Taostats Auth Gateway connects Bittensor identity to the existing OAuth ecosystem.

PROCESS

How it Works

Taostats Auth Gateway connects Bittensor identity to the existing OAuth ecosystem.

1 / App requests login

2 / Redirect to taostats Auth

3 / Wallet signs authentication

4 / On-chain verification

5 / JWT token issued

6 / Application grants access

On-chain scopes are re-verified at every token refresh. If a miner deregisters, their access lapses automatically at the next epoch. No manual revocation.

Verify On-chain Conditions

Scope

Verifies

subnet:1:miner

Registered miner

subnet:1:validator

Validator

subnet:18:owner

Subnet owner

subnet:1:holder:100

Alpha holder

tao:holder:50

TAO holder

delegate:{hotkey}

Delegator relationship

staker:1000

Network stake

Permissions follow the chain automatically.

Real Infrastructure Use Cases

Headless Miner Auth

CLI authentication using Device Code Flow (RFC 8628)

Validator Dashboards

Gate access to subnet validators. Access auto-revokes when deregistered.

Token Gated Content

Different content at different holder thresholds.

Subnet Owner Portals

Verify subnet ownership automatically, no allowlist required.

Auth Flows

Authorization Code + PKCE

Standard web application login

Device Code Flow

CLI and headless authentication

OpenID Connect

Full OIDC compatibility

Developer Integration

01 /

Standard OAuth2/OIDC — no custom SDK.

02 /

JWKS endpoint for resource server validation.

03 /

Token claims include hotkey, coldkey, scope, sub.

GET STARTED

Trust & Security

This is a centralised layer on a decentralised system. Open source and self-hostable.

Hosted Service: Configure an auth client with taostats Pro

Self hosted: Run your own gateway

Explore: Test flows at auth.taostats.io

Configure Auth Client View Github

Signing

Signing on Taostats infrastructure

Re-verified

Re-verified at every token refresh

Epoch-aligned

Epoch-aligned expiry

PKCE Flow

PKCE required for public clients

No Database

Chain is truth, no role database

Self Hostable

Open source, self-hostable

Sign in With Google Bittensor

Standard OAuth authentication powered by on-chain identity and permissions.

Use wallets as identities.

Use on-chain state as access control.

Configure Auth Client View Github

Works with any OAuth2 or OIDC library

THE PROBLEM

Bittensor identity has no standard authentication layer

Custom auth gets rebuilt for every subnet

OAuth doesn't understand miners or stake

Off-the-shelf tools can't authenticate

Can't login with a browser wallet

Wallet = Identity

Chain State = Permissions

OAuth = Access Token

SOLUTION

OAuth – Backed by the Chain

Taostats Auth Gateway connects Bittensor identity to the existing OAuth ecosystem.

PROCESS

How it Works

Taostats Auth Gateway connects Bittensor identity to the existing OAuth ecosystem.

1 / App requests login

2 / Redirect to taostats Auth

3 / Wallet signs authentication

4 / On-chain verification

5 / JWT token issued

6 / Application grants access

On-chain scopes are re-verified at every token refresh. If a miner deregisters, their access lapses automatically at the next epoch. No manual revocation.

Verify On-chain Conditions

Scope

Verifies

subnet:1:miner

Registered miner

subnet:1:validator

Validator

subnet:18:owner

Subnet owner

subnet:1:holder:100

Alpha holder

tao:holder:50

TAO holder

delegate:{hotkey}

Delegator relationship

staker:1000

Network stake

Permissions follow the chain automatically.

Real Infrastructure Use Cases

Headless Miner Auth

CLI authentication using Device Code Flow (RFC 8628)

Validator Dashboards

Gate access to subnet validators. Access auto-revokes when deregistered.

Token Gated Content

Different content at different holder thresholds.

Subnet Owner Portals

Verify subnet ownership automatically, no allowlist required.

Auth Flows

Authorization Code + PKCE

Standard web application login

Device Code Flow

CLI and headless authentication

OpenID Connect

Full OIDC compatibility

Developer Integration

01 /

Standard OAuth2/OIDC — no custom SDK.

02 /

JWKS endpoint for resource server validation.

03 /

Token claims include hotkey, coldkey, scope, sub.

GET STARTED

Trust & Security

This is a centralised layer on a decentralised system. Open source and self-hostable.

Hosted Service: Configure an auth client with taostats Pro

Self hosted: Run your own gateway

Explore: Test flows at auth.taostats.io

Configure Auth Client View Github

Signing

Signing on Taostats infrastructure

Re-verified

Re-verified at every token refresh

Epoch-aligned

Epoch-aligned expiry

PKCE Flow

PKCE required for public clients

No Database

Chain is truth, no role database

Self Hostable

Open source, self-hostable