Signing arbitrary data enables you to verify the user's possession of an account. This guide will walk you through the signing process and verification.
Obtain a chain provider
As covered in , obtain a chain provider for the networks you want to interact with. In the following examples, we will use both Ethereum and Constellation providers.
Constellation signatures for messages are done through a . The signature request object is sent for the user to accept. Uppon approval, a signature of the whole object is returned.
// Build the signature request
const signatureRequest: SignatureRequest = {
content: "Sign this message to confirm your address",
metadata: {
user: "3feb69d6-d3f0-4812-9c93-384bee08afe8",
},
};
Encode the signature request
Requests need to be a Base64 < JSON encoded string to sign. The wallet will then generate the signature from the same characters that compose this encoded request.
// Send the request and wait for the signature
await dagProvider.request({
method: "dag_signMessage",
params: [
"DAG88C9WDSKH451sisyEP3hAkgCKn5DN72fuwjfX",
signatureRequestEnconded,
],
});
// "3045022100b35798008516373fcc6eef75fe8e322ce8fe0dccc4802b052f3ddc7c6b5dc2900220154cac1e4f3e7d9a64f4ed9d2a518221b273fe782f037a5842725054f1c62280"
The returned signature corresponds to the SHA512 hash of the encoded signature request and the private key of the user. ECDSA.sign(privateKey, sha512(signatureRequestEnconded)).
After you generate a signature from your encoded request, you need to retrieve the public key from the signer's account for future verification. This is due to the fact that Constellation signatures are not recoverable (i.e. do not contain the v parameter like in Ethereum).
// Send the request and wait for the signature
await dagProvider.request({
method: "dag_getPublicKey",
params: ["DAG88C9WDSKH451sisyEP3hAkgCKn5DN72fuwjfX"],
});
// "0482c4566a9c4cbb6f23b9a31c96876501c71f5c04b35f416e0b2243113cce8fb386a2db0b3881d1c908d33465748b948649165a6705904120238999eed6eed1f4"
// Send the request and wait for the signature
await dagProvider.request({
method: "personal_sign",
params: [
"0x5369676e2074686973206d65737361676520746f20636f6e6669726d20796f7572206164647265737320616e64207573657249642033666562363964362d643366302d343831322d396339332d333834626565303861666538",
"0x9b2055d370f73ec7d8a03e965129118dc8f5bf83",
],
});
// "0xa3f20717a250c2b0b729b7e5becbff67fdaef7e0699da4de7ca5895b02a170a12d887fd3b17bfdce3481f10bea41f45ba9f709d39ce8325427b57afcfc994cee1b"
// Can also be a valid UTF-8 string
await dagProvider.request({
method: "personal_sign",
params: [
"Sign this message to confirm your address and userId 3feb69d6-d3f0-4812-9c93-384bee08afe8",
"0x9b2055d370f73ec7d8a03e965129118dc8f5bf83",
],
});
// "0xa3f20717a250c2b0b729b7e5becbff67fdaef7e0699da4de7ca5895b02a170a12d887fd3b17bfdce3481f10bea41f45ba9f709d39ce8325427b57afcfc994cee1b"
The returned signature corresponds to the keccak256 hash of the prefix + message string and the private key of the user. ECDSA.sign(privateKey, keccak256("\x19Ethereum Signed Message:\n" + len(message) + message)).
The returned signature corresponds to the keccak256 hash of the domainSeparator + hashStruct(message) and the private key of the user. ECDSA.sign(privateKey, keccak256("\x19\x01" + domainSeparator + hashStruct(message)).
Once built and encoded, you can send the encoded signature request using the RPC method.
When the signature request is sent, the wallet will verify compliance with the schema of the . If it does not comply, the wallet will throw an error.
Read more about
Get the account public key
Ethereum Message Signing
The Stargazer Ethereum RPC API implements both () and () as arbitrary message signing methods.
personal_sign method
The RPC API provided reveals the RPC method for message signing. In this case, the message signed is an arbitrary hex string prefixed by the "\x19Ethereum Signed Message:\n" string and the length of the message in bytes from .
Read more about
eth_signTypedData method
The RPC API provided reveals the RPC method for typed message signing. In this case, the message signed is the hash of the typed data according to prefixed by the "\x19\x01" string according to .
Read more about
Constellation Signature Verification
For signature verification, we will be using the package. The following snippet illustrates how you can verify an encoded request signature.
Ethereum Signature Verification
For signature verification, we will be using the package. The following snippets illustrate how you can verify different message signatures.
.svg?alt=media&token=f31f417e-1743-4ed1-8244-f1ad9a4fd041)