diff --git a/packages/controller-utils/CHANGELOG.md b/packages/controller-utils/CHANGELOG.md
index 4d211062157..12ef81a4435 100644
--- a/packages/controller-utils/CHANGELOG.md
+++ b/packages/controller-utils/CHANGELOG.md
@@ -7,6 +7,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Changed
+
+- Replace `@spruceid/siwe-parser` with `@signinwithethereum/siwe-parser` ^4.2.0 ([#8497](https://github.com/MetaMask/core/pull/8497))
+  - The old package is no longer maintained. The Ethereum Identity Foundation now maintains the successor under the `@signinwithethereum` scope.
+  - The `ParsedMessage` class API is backward compatible.
+  - v4.2.0 relaxes EIP-55 address checksum enforcement: all-lowercase and all-uppercase addresses now parse successfully (with a non-fatal warning on the new `warnings: string[]` field); only mixed-case addresses with an invalid checksum still fail to parse.
+
 ## [11.20.0]
 
 ### Added
diff --git a/packages/controller-utils/package.json b/packages/controller-utils/package.json
index 6a1c28b8c7e..c9351695998 100644
--- a/packages/controller-utils/package.json
+++ b/packages/controller-utils/package.json
@@ -54,7 +54,7 @@
     "@metamask/eth-query": "^4.0.0",
     "@metamask/ethjs-unit": "^0.3.0",
     "@metamask/utils": "^11.9.0",
-    "@spruceid/siwe-parser": "2.1.0",
+    "@signinwithethereum/siwe-parser": "^4.2.0",
     "@types/bn.js": "^5.1.5",
     "bignumber.js": "^9.1.2",
     "bn.js": "^5.2.1",
diff --git a/packages/controller-utils/src/siwe.test.ts b/packages/controller-utils/src/siwe.test.ts
index c792ac3499f..d6b0350a277 100644
--- a/packages/controller-utils/src/siwe.test.ts
+++ b/packages/controller-utils/src/siwe.test.ts
@@ -1,4 +1,4 @@
-import { ParsedMessage } from '@spruceid/siwe-parser';
+import { ParsedMessage } from '@signinwithethereum/siwe-parser';
 
 import { detectSIWE, isValidSIWEOrigin } from './siwe';
 
diff --git a/packages/controller-utils/src/siwe.ts b/packages/controller-utils/src/siwe.ts
index f82574a38de..4310910cffd 100644
--- a/packages/controller-utils/src/siwe.ts
+++ b/packages/controller-utils/src/siwe.ts
@@ -1,5 +1,5 @@
 import { remove0x } from '@metamask/utils';
-import { ParsedMessage } from '@spruceid/siwe-parser';
+import { ParsedMessage } from '@signinwithethereum/siwe-parser';
 
 import { projectLogger, createModuleLogger } from './logger';
 
diff --git a/packages/profile-sync-controller/CHANGELOG.md b/packages/profile-sync-controller/CHANGELOG.md
index 57bfa3474bb..f347101b223 100644
--- a/packages/profile-sync-controller/CHANGELOG.md
+++ b/packages/profile-sync-controller/CHANGELOG.md
@@ -9,6 +9,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Changed
 
+- Replace `siwe` with `@signinwithethereum/siwe` ^4.2.0 ([#8497](https://github.com/MetaMask/core/pull/8497))
+  - The old package is no longer maintained by Spruce. The Ethereum Identity Foundation now maintains the successor under the `@signinwithethereum` scope. The `SiweMessage` class API is backward compatible for the usage in this package (`new SiweMessage({...}).prepareMessage()`).
 - Bump `@metamask/keyring-controller` from `^25.1.1` to `^25.2.0` ([#8363](https://github.com/MetaMask/core/pull/8363))
 - Bump `@metamask/messenger` from `^1.0.0` to `^1.1.1` ([#8364](https://github.com/MetaMask/core/pull/8364), [#8373](https://github.com/MetaMask/core/pull/8373))
 - Bump `@metamask/base-controller` from `^9.0.1` to `^9.1.0` ([#8457](https://github.com/MetaMask/core/pull/8457))
diff --git a/packages/profile-sync-controller/package.json b/packages/profile-sync-controller/package.json
index c7936bc88c6..7157dd8eb87 100644
--- a/packages/profile-sync-controller/package.json
+++ b/packages/profile-sync-controller/package.json
@@ -116,9 +116,9 @@
     "@metamask/utils": "^11.9.0",
     "@noble/ciphers": "^1.3.0",
     "@noble/hashes": "^1.8.0",
+    "@signinwithethereum/siwe": "^4.2.0",
     "immer": "^9.0.6",
-    "loglevel": "^1.8.1",
-    "siwe": "^2.3.2"
+    "loglevel": "^1.8.1"
   },
   "devDependencies": {
     "@lavamoat/allow-scripts": "^3.0.4",
diff --git a/packages/profile-sync-controller/src/sdk/authentication-jwt-bearer/flow-siwe.ts b/packages/profile-sync-controller/src/sdk/authentication-jwt-bearer/flow-siwe.ts
index 3d23e1756b7..24a8160da36 100644
--- a/packages/profile-sync-controller/src/sdk/authentication-jwt-bearer/flow-siwe.ts
+++ b/packages/profile-sync-controller/src/sdk/authentication-jwt-bearer/flow-siwe.ts
@@ -1,4 +1,4 @@
-import { SiweMessage } from 'siwe';
+import { SiweMessage } from '@signinwithethereum/siwe';
 
 import { ValidationError } from '../errors';
 import { validateLoginResponse } from '../utils/validate-login-response';
diff --git a/yarn.lock b/yarn.lock
index b5a994e4dbf..b9905be25d2 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3271,7 +3271,7 @@ __metadata:
     "@metamask/eth-query": "npm:^4.0.0"
     "@metamask/ethjs-unit": "npm:^0.3.0"
     "@metamask/utils": "npm:^11.9.0"
-    "@spruceid/siwe-parser": "npm:2.1.0"
+    "@signinwithethereum/siwe-parser": "npm:^4.2.0"
     "@ts-bridge/cli": "npm:^0.6.4"
     "@types/bn.js": "npm:^5.1.5"
     "@types/jest": "npm:^29.5.14"
@@ -4991,6 +4991,7 @@ __metadata:
     "@metamask/utils": "npm:^11.9.0"
     "@noble/ciphers": "npm:^1.3.0"
     "@noble/hashes": "npm:^1.8.0"
+    "@signinwithethereum/siwe": "npm:^4.2.0"
     "@ts-bridge/cli": "npm:^0.6.4"
     "@types/jest": "npm:^29.5.14"
     deepmerge: "npm:^4.2.2"
@@ -5000,7 +5001,6 @@ __metadata:
     jest-environment-jsdom: "npm:^29.7.0"
     loglevel: "npm:^1.8.1"
     nock: "npm:^13.3.1"
-    siwe: "npm:^2.3.2"
     ts-jest: "npm:^29.2.5"
     tsx: "npm:^4.20.5"
     typedoc: "npm:^0.25.13"
@@ -5805,7 +5805,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@noble/hashes@npm:1.8.0, @noble/hashes@npm:^1.1.2, @noble/hashes@npm:^1.3.1, @noble/hashes@npm:^1.3.2, @noble/hashes@npm:^1.7.1, @noble/hashes@npm:^1.8.0, @noble/hashes@npm:~1.8.0":
+"@noble/hashes@npm:1.8.0, @noble/hashes@npm:^1.3.1, @noble/hashes@npm:^1.3.2, @noble/hashes@npm:^1.7.0, @noble/hashes@npm:^1.7.1, @noble/hashes@npm:^1.8.0, @noble/hashes@npm:~1.8.0":
   version: 1.8.0
   resolution: "@noble/hashes@npm:1.8.0"
   checksum: 10/474b7f56bc6fb2d5b3a42132561e221b0ea4f91e590f4655312ca13667840896b34195e2b53b7f097ec080a1fdd3b58d902c2a8d0fbdf51d2e238b53808a177e
@@ -6384,6 +6384,33 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@signinwithethereum/siwe-parser@npm:^4.2.0":
+  version: 4.2.0
+  resolution: "@signinwithethereum/siwe-parser@npm:4.2.0"
+  dependencies:
+    "@noble/hashes": "npm:^1.7.0"
+    apg-js: "npm:^4.4.0"
+  checksum: 10/641e7b0424723a0138dcbe50a94d5c48b3cf144dc668a6c134d8e3ed5271792f87c5920c8d042af6cd7fa4d84e0a2add68f2c7e1eae03391752a145fadd9c403
+  languageName: node
+  linkType: hard
+
+"@signinwithethereum/siwe@npm:^4.2.0":
+  version: 4.2.0
+  resolution: "@signinwithethereum/siwe@npm:4.2.0"
+  dependencies:
+    "@signinwithethereum/siwe-parser": "npm:^4.2.0"
+  peerDependencies:
+    ethers: ^5.7.0 || ^6.13.0
+    viem: ^2.7.0
+  peerDependenciesMeta:
+    ethers:
+      optional: true
+    viem:
+      optional: true
+  checksum: 10/26c9faca9c6f482fecf0a845a749b700b849691247f23afaf5dc701e61b3669dc0ff3ba297f12f3d548181e86412c6bdd876af3e316ac2f7400087ce7048c29f
+  languageName: node
+  linkType: hard
+
 "@sinclair/typebox@npm:^0.27.8":
   version: 0.27.8
   resolution: "@sinclair/typebox@npm:0.27.8"
@@ -6485,63 +6512,6 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@spruceid/siwe-parser@npm:2.1.0":
-  version: 2.1.0
-  resolution: "@spruceid/siwe-parser@npm:2.1.0"
-  dependencies:
-    "@noble/hashes": "npm:^1.1.2"
-    apg-js: "npm:^4.1.1"
-    uri-js: "npm:^4.4.1"
-    valid-url: "npm:^1.0.9"
-  checksum: 10/12198f613f15000b5ec2e2f59c4c3c34918c88d48e0c2e2cfdb34ce926b89a13b6f18e7612777ffb8fa25ca2c226577e47c72592e76823b03770b67c54f78d38
-  languageName: node
-  linkType: hard
-
-"@spruceid/siwe-parser@npm:^2.1.2":
-  version: 2.1.2
-  resolution: "@spruceid/siwe-parser@npm:2.1.2"
-  dependencies:
-    "@noble/hashes": "npm:^1.1.2"
-    apg-js: "npm:^4.3.0"
-    uri-js: "npm:^4.4.1"
-    valid-url: "npm:^1.0.9"
-  checksum: 10/48459fe3b4d4b3091375ee87af700864c9023d4a1271d34850c6d27475e5d93a45d1efe8a71da367ad838b6921ced60c387d54737edd0a7a0d8e4e0a3cc2b8b7
-  languageName: node
-  linkType: hard
-
-"@stablelib/binary@npm:^1.0.1":
-  version: 1.0.1
-  resolution: "@stablelib/binary@npm:1.0.1"
-  dependencies:
-    "@stablelib/int": "npm:^1.0.1"
-  checksum: 10/c5ed769e2b5d607a5cdb72d325fcf98db437627862fade839daad934bd9ccf02a6f6e34f9de8cb3b18d72fce2ba6cc019a5d22398187d7d69d2607165f27f8bf
-  languageName: node
-  linkType: hard
-
-"@stablelib/int@npm:^1.0.1":
-  version: 1.0.1
-  resolution: "@stablelib/int@npm:1.0.1"
-  checksum: 10/65bfbf50a382eea70c68e05366bf379cfceff8fbc076f1c267ef2f2411d7aed64fd140c415cb6c29f19a3910d3b8b7805d4b32ad5721a5007a8e744a808c7ae3
-  languageName: node
-  linkType: hard
-
-"@stablelib/random@npm:^1.0.1":
-  version: 1.0.2
-  resolution: "@stablelib/random@npm:1.0.2"
-  dependencies:
-    "@stablelib/binary": "npm:^1.0.1"
-    "@stablelib/wipe": "npm:^1.0.1"
-  checksum: 10/f5ace0a588dc4c21f01cb85837892d4c872e994ae77a58a8eb7dd61aa0b26fb1e9b46b0445e71af57d963ef7d9f5965c64258fc0d04df7b2947bc48f2d3560c5
-  languageName: node
-  linkType: hard
-
-"@stablelib/wipe@npm:^1.0.1":
-  version: 1.0.1
-  resolution: "@stablelib/wipe@npm:1.0.1"
-  checksum: 10/287802eb146810a46ba72af70b82022caf83a8aeebde23605f5ee0decf64fe2b97a60c856e43b6617b5801287c30cfa863cfb0469e7fcde6f02d143cf0c6cbf4
-  languageName: node
-  linkType: hard
-
 "@tanstack/query-core@npm:4.43.0, @tanstack/query-core@npm:^4.43.0":
   version: 4.43.0
   resolution: "@tanstack/query-core@npm:4.43.0"
@@ -7494,7 +7464,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"apg-js@npm:^4.1.1, apg-js@npm:^4.3.0":
+"apg-js@npm:^4.4.0":
   version: 4.4.0
   resolution: "apg-js@npm:4.4.0"
   checksum: 10/425f19096026742f5f156f26542b68f55602aa60f0c4ae2d72a0a888cf15fe9622223191202262dd8979d76a6125de9d8fd164d56c95fb113f49099f405eb08c
@@ -13942,20 +13912,6 @@ __metadata:
   languageName: node
   linkType: hard
 
-"siwe@npm:^2.3.2":
-  version: 2.3.2
-  resolution: "siwe@npm:2.3.2"
-  dependencies:
-    "@spruceid/siwe-parser": "npm:^2.1.2"
-    "@stablelib/random": "npm:^1.0.1"
-    uri-js: "npm:^4.4.1"
-    valid-url: "npm:^1.0.9"
-  peerDependencies:
-    ethers: ^5.6.8 || ^6.0.8
-  checksum: 10/6ea5ad9a9046fa916f85bf9d3092bc898f7e339d9c552714ea53ecc17daa4f78300c3cf7cc9c70fe57baf77dcee5cb38c6e1d692400b874cd84d297b1261918c
-  languageName: node
-  linkType: hard
-
 "slash@npm:^3.0.0":
   version: 3.0.0
   resolution: "slash@npm:3.0.0"
@@ -14860,13 +14816,6 @@ __metadata:
   languageName: node
   linkType: hard
 
-"valid-url@npm:^1.0.9":
-  version: 1.0.9
-  resolution: "valid-url@npm:1.0.9"
-  checksum: 10/343dfaf85eb3691dc8eb93f7bc007be1ee6091e6c6d1a68bf633cb85e4bf2930e34ca9214fb2c3330de5b652510b257a8ee1ff0a0a37df0925e9dabf93ee512d
-  languageName: node
-  linkType: hard
-
 "validate-npm-package-license@npm:^3.0.1, validate-npm-package-license@npm:^3.0.4":
   version: 3.0.4
   resolution: "validate-npm-package-license@npm:3.0.4"