Sign Message
Sign and verify challenges for off-chain authentication
For dApps relying on signMessage
for off-chain authentication, Blocto follows ERC-1271 and ERC-191. To verify the signature, you need to call a method on the wallet contract to check if the signature came from a rightful owner of the wallet contract.
Blocto have built the tools to carry out this verification:
Use it in your dApps:
package main
import (
"log"
"net/http"
"github.com/ethereum/go-ethereum/ethclient"
"github.com/blocto/dappauth"
)
// AuthenticationHandler ..
type AuthenticationHandler struct {
client *ethclient.Client
}
// NewAuthenticationHandler ..
func NewAuthenticationHandler(rawurl string) (*AuthenticationHandler, error) {
client, err := ethclient.Dial(rawurl)
if err != nil {
return nil, err
}
return &AuthenticationHandler{client: client}, nil
}
// ServeHTTP serves just a single route for authentication as an example
func (a *AuthenticationHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
challenge := r.PostFormValue("challenge")
signature := r.PostFormValue("signature")
addrHex := r.PostFormValue("addrHex")
authenticator := dappauth.NewAuthenticator(r.Context(), a.client)
isAuthorizedSigner, err := authenticator.IsAuthorizedSigner(challenge, signature, addrHex)
if err != nil {
// return a 5XX status code
}
if !isAuthorizedSigner{
// return a 4XX status code
}
// create an authenticated session for address
// return a 2XX status code
}
func main() {
handler, err := NewAuthenticationHandler("https://mainnet.infura.io")
if err != nil {
log.Fatal(err)
}
log.Fatal(http.ListenAndServe(":8080", handler))
}
PersonalSign Technical Details
According to ERC-191 and ERC-1271, when receiving personalSign
request with message
, Blocto will sign:
0x19
+0x0
+[User’s wallet address]
+ hash(0x19
+0x45 (E)
+thereum Signed Message:
+len(message)
+message
)
Migration Guide for dApps which Follow the Old Protocol ERC-1654
Please check the doc.
PreviousWeb3.js Integration - Ethereum / Arbitrum / Optimism / Polygon / BSC / Avalanche / TronNextBatch Transaction
Last updated
Was this helpful?