Blocto
Blocto
Product
Blog
📣 Introduction
Give Feedback
Blocto
Overview
Web3.js Integration (Ethereum/Tron)
Sign Message
Batch Transaction
Deep Linking
Push Notification
Rewards
Blocto SDK
Overview
Flow
Ethereum (Coming Soon)
Tron (Coming Soon)
Tezos (Coming in 2021)
Solana (Coming in 2021)
Technical Documents
Contract Wallet
Key Management
Community
Discord
Twitter
Facebook
Powered by GitBook

Sign Message

Sign and verify challenges for off-chain authentication

For dApps relying on signMessage for off-chain authentication, Blocto follows EIP-1654. To verify the signature, you need to call method on the wallet contract to check if the signature came from a rightful owner of the wallet contract.

Dapper Labs has built the tools to carry out this verification:

Use it in your dApps:

Go
JavaScript
Go
package main
import (
	"log"
	"net/http"
	"github.com/ethereum/go-ethereum/ethclient"
	"github.com/dapperlabs/dappauth"
)
// AuthenticationHandler ..
type AuthenticationHandler struct {
	client *ethclient.Client
}
// NewAuthenticationHandler ..
func NewAuthenticationHandler(rawurl string) (*AuthenticationHandler, error) {
	client, err := ethclient.Dial(rawurl)
	if err != nil {
		return nil, err
	}
	return &AuthenticationHandler{client: client}, nil
}
// ServeHTTP serves just a single route for authentication as an example
func (a *AuthenticationHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	challenge := r.PostFormValue("challenge")
	signature := r.PostFormValue("signature")
	addrHex := r.PostFormValue("addrHex")
	authenticator := dappauth.NewAuthenticator(r.Context(), a.client)
	isAuthorizedSigner, err := authenticator.IsAuthorizedSigner(challenge, signature, addrHex)
	if err != nil {
		// return a 5XX status code
	}
	if !isAuthorizedSigner{
		// return a 4XX status code
	}
	// create an authenticated session for address
	// return a 2XX status code
}
func main() {
	handler, err := NewAuthenticationHandler("https://mainnet.infura.io")
	if err != nil {
		log.Fatal(err)
	}
	log.Fatal(http.ListenAndServe(":8080", handler))
}
JavaScript
const Web3 = require('web3');
const DappAuth = require('@dapperlabs/dappauth');
const dappAuth = new DappAuth(new Web3.providers.HttpProvider('http://localhost:8545'));
async function debug() {
  const challenge = 'foo';
  const signature =
    '0x33838c6f4e621982c2009f9b93ecb854a4b122538159623abc87d2e4c5bd6d2e33591f443b419b3bd2790e455ba6d625f2ca14b822c5cef824ef7e9021443bed1c';
  const address = '0x86aa354fc865925f945b803ceae0b3f9d856b269';
  try {
    const isAuthorizedSigner = await dappAuth.isAuthorizedSigner(
      challenge,
      signature,
      address,
    );
    console.log(isAuthorizedSigner); // true
  } catch (e) {
    console.log(e);
  }
}
Blocto - Previous
Web3.js Integration (Ethereum/Tron)
Next
Batch Transaction
Last updated 1 month ago
Edit on GitHub