Describe your issue or question
All Web3Auth social logins (Kakao, Google, etc.) fail in production on sapphire_mainnet. The user only sees Failed to connect with wallet. Cannot redefine property: name. Tracing it through the network tab, there are actually two stacked upstream bugs:
- The
/citadel-service/v1/signer/feature-accesspreflight returns 403 (code 1003, “…growth plan … (MFA settings) are not available”) even though our app does not use MFA. The endpoint gates the feature on the mere presence of theis_mfa_settingsquery param, treating the string"false"(and"0") as truthy. - That 403 is then masked by
Cannot redefine property: name, thrown inside the hostedauth.web3auth.io/v11error class duringhandleLoginInitiated, so the real “feature not available” message never surfaces.
The exact same code/flow works fine on sapphire_devnet (our preview env), since devnet isn’t gated.
Which platform or framework are you using
Next.js 16.1.6 (App Router) + React 19.2.4 + TypeScript 5.9, with wagmi 3.x / viem 2.52.2, deployed on Vercel. Login via @web3auth/modal/react (useWeb3AuthConnect) and @web3auth/modal/react/wagmi.
Which Web3Auth / Embedded Wallet SDK (name and version)
@web3auth/modal@11.1.1. Hosted login UI: Web3Auth .
- Network:
sapphire_mainnet - Plan: Growth — team_id
82312 - clientId:
BJTsiyw70ma2_TaukF334ExXTPMZ9kM0tiehfU4zxt36WwlEISsvTc50eXmpOirHsK275kXFegnRX4MJV8UWVQw
What is not working as expected
Bug A — feature-access gates is_mfa_settings by presence, not value. We configure no MFA (mfaLevel/mfaSettings are never passed). Yet the hosted login sends is_mfa_settings=false in its preflight, and the endpoint 403s. Direct reproduction against the live endpoint, varying only is_mfa_settings:
Request (…&network=sapphire_mainnet&…) |
HTTP |
|---|---|
enable_gating=true (param absent) |
200 |
is_mfa_settings=&enable_gating=true (empty value) |
200 |
is_mfa_settings=false&enable_gating=true |
403 |
is_mfa_settings=0&enable_gating=true |
403 |
is_mfa_settings=true&enable_gating=true |
403 |
false and 0 (meaning “not requesting MFA”) are treated as truthy → feature gated → 403 → all social login blocked on Growth + mainnet. This looks like a server-side if (query.is_mfa_settings) string-truthiness bug. The same presence-based gating applies to is_wallet_service.
Bug B — the 403 is masked by Cannot redefine property: name. When the SDK constructs the error for that 403, the hosted auth.web3auth.io/v11 error class calls Object.defineProperty(this, "name", { value: … }) without configurable: true, throwing TypeError: Cannot redefine property: name and replacing the real message. This was already fixed in npm @web3auth/auth@11.0.0 (it adds configurable: true), and our resolved app-side packages are ≥11 — so the throw is coming from the hosted bundle, which still ships the unfixed error class.
Net: a Growth-plan project on mainnet that uses neither MFA nor Wallet Services still can’t do any social login, and the surfaced error is misleading.
Code snippets
// Web3AuthContext.tsx — note: NO mfaLevel / mfaSettings configured anywhere in the app
const web3AuthOptions: Web3AuthOptions = {
clientId: config.web3Auth.clientId,
web3AuthNetwork: WEB3AUTH_NETWORK.SAPPHIRE_MAINNET,
initialAuthenticationMode: CONNECTOR_INITIAL_AUTHENTICATION_MODE.CONNECT_ONLY,
walletServicesConfig: {
loginMode: "plugin",
confirmationStrategy: CONFIRMATION_STRATEGY.DEFAULT,
modalZIndex: 99999,
enableKeyExport: false,
whiteLabel: { showWidgetButton: false /* … */ },
},
};
// login (social):
const { connect } = useWeb3AuthConnect();
await connect(); // selecting Kakao/Google → fails with the error below
Exact error and logs
Minimal reproduction (no SDK needed — direct curl to the gating endpoint):
# 403 — a feature we do NOT use, sent as "false":
curl -s "https://api.web3auth.io/citadel-service/v1/signer/feature-access?client_id=BJTsiyw70ma2_TaukF334ExXTPMZ9kM0tiehfU4zxt36WwlEISsvTc50eXmpOirHsK275kXFegnRX4MJV8UWVQw&network=sapphire_mainnet&is_mfa_settings=false&enable_gating=true"
# {"code":1003,"error":"The current subscription plan is growth and requesting features (MFA settings) are not available on growth plan. Please upgrade to a higher plan at https://dashboard.web3auth.io ...","success":false,"metadata":{"team_id":82312}}
# 200 — identical call with the is_mfa_settings param removed:
curl -s "https://api.web3auth.io/citadel-service/v1/signer/feature-access?client_id=BJTsiyw70ma2_TaukF334ExXTPMZ9kM0tiehfU4zxt36WwlEISsvTc50eXmpOirHsK275kXFegnRX4MJV8UWVQw&network=sapphire_mainnet&enable_gating=true"
# {"success":true,"metadata":{"team_id":82312}}
Browser console (trimmed) during social login on mainnet:
GET https://api.web3auth.io/citadel-service/v1/signer/feature-access?client_id=BJTsiyw70...&network=sapphire_mainnet&is_whitelabel=false&session_time=2592000&is_custom_auth=false&is_mfa_settings=false&enable_gating=true 403 (Forbidden)
Response: 403 Forbidden
TypeError: Cannot redefine property: name
at Object.defineProperty (<anonymous>)
at new fr (index-BU9VRKq8.js:25:103357)
at fr.fromCode (index-BU9VRKq8.js:25:103441)
at fr.invalidParams (index-BU9VRKq8.js:25:103574)
at fF (index-BU9VRKq8.js:65:1799)
at async Promise.all (auth.web3auth.io/v11/index 1)
'Error in handleLoginInitiated'
WalletLoginError: Failed to connect with wallet. Cannot redefine property: name
at s.fromCode (...) at s.connectionError (...)
'Error while connecting via social login (AUTH)'
Package details
| Package | Version |
|---|---|
@web3auth/modal |
11.1.1 |
@web3auth/no-modal (resolved) |
11.1.0 |
@web3auth/auth (resolved) |
11.8.1 |
@web3auth/ws-embed (resolved) |
6.1.0 |
wagmi / viem / mipd |
3.6.x / 2.52.2 / 0.0.7 |
next / react / @tanstack/react-query |
16.1.6 / 19.2.4 / 5.90.x |
Network: sapphire_mainnet · Plan: Growth · team_id: 82312
What we’d like
- Fix
feature-accessparam parsing sois_mfa_settings=false/=0(andis_wallet_service=false) are not treated as “feature requested” (strict boolean parse, not string truthiness). Today a project that doesn’t use these features is fully blocked on mainnet purely because the hosted login sends the flags with falsey string values. - Fix/redeploy the hosted
auth.web3auth.io/v11error class to addconfigurable: true(already fixed in@web3auth/auth@11.xon npm) so the real error isn’t masked byCannot redefine property: name.