Blocto
About porttoBlog
Search…
📣
Introduction
Give Feedback
Blocto
Overview
Web3.js Integration (Ethereum / BSC / Polygon / Avalanche / Tron)
Sign Message
Batch Transaction
Switch Chain
Web3.js Integration (Solana)
Deep Linking
Push Notification
Rewards
Token Listing
BLOCTO SDK
Overview
Register App ID
Javascript SDK
Android SDK
iOS SDK
Technical Documents
Contract Wallet
Key Management
Community
Discord
Twitter
Facebook
Powered By GitBook
Sign Message
Sign and verify challenges for off-chain authentication
For dApps relying on signMessage for off-chain authentication, Blocto follows EIP-1654. To verify the signature, you need to call a method on the wallet contract to check if the signature came from a rightful owner of the wallet contract.
Dapper Labs has built the tools to carry out this verification:
Use it in your dApps:
Go
JavaScript
1
package main
2
​
3
import (
4
"log"
5
"net/http"
6
​
7
"github.com/ethereum/go-ethereum/ethclient"
8
"github.com/dapperlabs/dappauth"
9
)
10
​
11
// AuthenticationHandler ..
12
type AuthenticationHandler struct {
13
client *ethclient.Client
14
}
15
​
16
// NewAuthenticationHandler ..
17
func NewAuthenticationHandler(rawurl string) (*AuthenticationHandler, error) {
18
client, err := ethclient.Dial(rawurl)
19
if err != nil {
20
return nil, err
21
}
22
return &AuthenticationHandler{client: client}, nil
23
}
24
​
25
// ServeHTTP serves just a single route for authentication as an example
26
func (a *AuthenticationHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
27
​
28
challenge := r.PostFormValue("challenge")
29
signature := r.PostFormValue("signature")
30
addrHex := r.PostFormValue("addrHex")
31
​
32
authenticator := dappauth.NewAuthenticator(r.Context(), a.client)
33
isAuthorizedSigner, err := authenticator.IsAuthorizedSigner(challenge, signature, addrHex)
34
if err != nil {
35
// return a 5XX status code
36
}
37
if !isAuthorizedSigner{
38
// return a 4XX status code
39
}
40
​
41
// create an authenticated session for address
42
// return a 2XX status code
43
}
44
​
45
func main() {
46
handler, err := NewAuthenticationHandler("https://mainnet.infura.io")
47
if err != nil {
48
log.Fatal(err)
49
}
50
​
51
log.Fatal(http.ListenAndServe(":8080", handler))
52
}
Copied!
1
const Web3 = require('web3');
2
const DappAuth = require('@dapperlabs/dappauth');
3
​
4
const dappAuth = new DappAuth(new Web3.providers.HttpProvider('http://localhost:8545'));
5
​
6
async function debug() {
7
const challenge = 'foo';
8
const signature =
9
'0x33838c6f4e621982c2009f9b93ecb854a4b122538159623abc87d2e4c5bd6d2e33591f443b419b3bd2790e455ba6d625f2ca14b822c5cef824ef7e9021443bed1c';
10
const address = '0x86aa354fc865925f945b803ceae0b3f9d856b269';
11
​
12
try {
13
const isAuthorizedSigner = await dappAuth.isAuthorizedSigner(
14
challenge,
15
signature,
16
address,
17
);
18
​
19
console.log(isAuthorizedSigner); // true
20
} catch (e) {
21
console.log(e);
22
}
23
}
Copied!
Blocto - Previous
Web3.js Integration (Ethereum / BSC / Polygon / Avalanche / Tron)
Next
Batch Transaction
Last modified 1yr ago
Copy link