Provide Utility for Verifying Signatures #611
Comments
|
We have an implementation of We will extract this, and probably promote this to a new API in the |
|
Here's a self-contained sig validation JS gist based on the above, meant for letting users prove that they own a wallet address. It ensures the public key matches the wallet address, though you could just ask for the public key alone. I also threw in Alternatively, is there any way to get the public key of an address you don't control? It's not easy for end users to get their public key because, for some reason, Temple wallet doesn't display it anywhere. Easiest way I know of is using Beacon's built-in code editor at https://docs.walletbeacon.io/guides/sign-payload and adding in |
|
Utilities around verifying ownership of an address are necessary indeed. Thanks for the gist @tolmekian1453. Would you mind sharing how you built your signature? I am trying to implement a "login with wallet" mechanism but fail to validate the signature - I get a Here is a gist of how I generate my signature, which is based on the taquito docs on signature (https://tezostaquito.io/docs/signing/#generating-a-signature-with-beacon-sdk). https://gist.github.com/gwendall/f1434318986bda590ddac7962d21ba19 I then pass it to my server, re-create the bytes from the user nonce and use your verify function. Any idea what I'm doing wrong ? |
|
@tolmekian1453 @jevonearth Here is a small repro, any idea what I'm doing wrong ? |
It would be useful to have an API that could verify signatures of payloads. Specifically, it would take:
And would return a boolean indicating if the signature matches.
As a bonus, it could also support tz2/tz3 signature schemes (sppk/spsig, p2pk,p2sig, IIRC)
The text was updated successfully, but these errors were encountered: