Authentication

zkLogin Explained

zkLogin uses zero-knowledge proofs to let users authenticate to Sui via OAuth providers (Google, Apple, Facebook) without exposing their social credentials on-chain. The zk proof binds an OAuth-issued JWT to a stable Sui address. Trade-off: depends on the OAuth provider's continued availability; if your OAuth account is closed, you lose wallet access unless you've also stored a seed phrase backup.

Last updated: 11 May 2026.

zkLogin tutorial — quick overview

zkLogin is Sui's OAuth-based authentication. Instead of generating a wallet from a 24-word seed phrase, you sign in with Google, Apple, or Facebook — the wallet uses cryptographic proofs to bind your social-login identity to a Sui address. The benefit: no seed phrase to manage. The trade-off: dependence on the OAuth provider keeping your account active. For the basic feature page, see /zklogin.

zkLogin guide — how it works mechanically

  1. OAuth flow — your browser opens to Google/Apple/Facebook sign-in
  2. JWT issuance — the OAuth provider returns a JWT proving you authenticated
  3. Salt generation — Sui Wallet Desktop generates a random salt
  4. zk proof creation — the wallet generates a zero-knowledge proof binding JWT and salt to a Sui address, without revealing the underlying OAuth identity
  5. Transaction signing — the wallet generates a fresh zk proof for each transaction signature
  6. Verification on-chain — the Sui blockchain verifies the proof and accepts the transaction

The key cryptographic guarantee: someone watching the Sui blockchain cannot derive your Google/Apple/Facebook identity from your on-chain activity.

zkLogin step by step — using it

  1. Open the wallet for the first time
  2. Choose "Sign in with Google" (or Apple, or Facebook)
  3. Browser opens to OAuth flow — sign in with your account
  4. Approve the access request the provider shows
  5. Return to Sui Wallet Desktop — your zkLogin address is ready
  6. Use the wallet like any other Sui wallet — send, receive, stake, dApps

Total time: under two minutes.

zkLogin walkthrough — recovery

To recover a zkLogin wallet on a new device: install Sui Wallet Desktop, choose "Sign in with Google" (or your original provider), and sign in with the same OAuth account. The wallet derives the same zkLogin address — your funds appear.

zkLogin authentication explained — vs seed phrase

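|                  | zkLogin                 | Seed phrase                 |
|------------------|-------------------------|-----------------------------|
| Setup            | OAuth sign-in           | Generate + back up 24 words |
| Recovery         | Sign in with same OAuth | Re-enter 24 words           |
| Trust dependency | OAuth provider          | Self-managed                |
| Convenience      | High                    | Lower                       |
| Sovereignty      | Lower                   | Higher                      |
| Best for         | Onboarding, casual use  | Power users, large balances |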

ZK proof zkLogin / zero knowledge proof zkLogin

The "zk" in zkLogin stands for zero-knowledge proof. A zero-knowledge proof lets you prove a statement is true without revealing the underlying data. In zkLogin, the proof says: "The person controlling this Sui address has a valid OAuth JWT from this provider" — without revealing who the OAuth user is.

OAuth zkLogin Sui — the providers

  • Google — most common, broadest user base
  • Apple — Sign in with Apple, particularly natural on macOS
  • Facebook — supported but less common for crypto use

zkLogin use cases — where it shines

  1. Onboarding non-crypto users — eliminating seed phrase friction
  2. Sponsored transactions — combined with sponsored gas, removes the "you need SUI to use Sui" hurdle
  3. Casual Sui apps — games, social apps, light-touch DeFi
  4. Wallet replacement for credential managers — for users already managing OAuth as their primary auth

Less suited for: power users with large balances who prioritize sovereignty over convenience.

zkLogin Sui blockchain explained — the technical detail

At the protocol level, zkLogin works because Sui's signature verification logic accepts zk proofs in addition to standard ECDSA signatures. The Sui validator verifies the zk proof structure; the proof contains a public statement (Sui address, OAuth provider, JWT issuance time); the proof demonstrates knowledge of a JWT that combines with the salt to produce the public address. Every validator checks every zkLogin signature.
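
Added example, not code from this page or from Sui: a simplified Python model of how a JWT combines with the salt to produce a stable address, as described above and in the recovery section. It substitutes a plain BLAKE2b-256 hash for zkLogin's real address derivation and proof, and the claim values, salts and function names are constructed for illustration.

```python
import base64
import hashlib
import json

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_jwt(claims: dict) -> str:
    """Build a constructed JWT for the demo (the signature is a placeholder)."""
    header = _b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    return f"{header}.{payload}.{_b64url(b'constructed-signature')}"

def jwt_claims(jwt: str) -> dict:
    """Decode the payload segment. This sketch does not verify the signature."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("JWT must have three dot-separated segments")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))

def model_address(jwt: str, salt: bytes) -> str:
    """Simplified model: BLAKE2b-256 over the stable claims and the salt.
    Assumption: stands in for zkLogin's real derivation, which differs."""
    claims = jwt_claims(jwt)
    h = hashlib.blake2b(digest_size=32)
    for name in ("iss", "aud", "sub"):  # per-login claims (iat, exp) are excluded
        raw = str(claims[name]).encode()
        h.update(len(raw).to_bytes(2, "big") + raw)  # length prefix avoids ambiguity
    h.update(salt)
    return "0x" + h.hexdigest()

# Constructed sample data: two logins by the same account, plus a different account.
BASE = {"iss": "https://accounts.google.com", "aud": "example-client-id", "sub": "1234567890"}
LOGIN_1 = make_jwt({**BASE, "iat": 1700000000, "exp": 1700003600})
LOGIN_2 = make_jwt({**BASE, "iat": 1710000000, "exp": 1710003600})
OTHER_USER = make_jwt({**BASE, "sub": "9876543210", "iat": 1710000000, "exp": 1710003600})
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
NEW_SALT = bytes.fromhex("ffeeddccbbaa99887766554433221100")

if __name__ == "__main__":
    print("login 1, saved salt :", model_address(LOGIN_1, SALT))
    print("login 2, saved salt :", model_address(LOGIN_2, SALT))      # same address
    print("login 2, new salt   :", model_address(LOGIN_2, NEW_SALT))  # different address
    print("other sub, same salt:", model_address(OTHER_USER, SALT))   # different address
```

In this model a later login reaches the same address only when the issuer, audience, subject and salt are all unchanged, so whatever holds the salt is part of the recovery path alongside the OAuth account.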

zkLogin demo / zkLogin examples

  • Sui Wallet Desktop — try the "Sign in with Google" flow
  • Slush — Mysten's wallet uses zkLogin for some onboarding flows
  • Sui dApps — increasingly support zkLogin natively
  • Sui Foundation tutorials in the developer documentation

zkLogin pros and cons

Pros: No seed phrase to memorize; familiar OAuth flow; recoverable via OAuth; works with sponsored transactions; privacy-preserving on-chain.

Cons: Depends on OAuth provider; less sovereign than seed phrase wallets; OAuth credential compromise = wallet compromise; some advanced features may still require seed phrase setup.

Frequently asked questions