Question of how to sign / verify a message

Question

Question of how to sign / verify a message

shawnlauzon opened this issue 3 years ago · 4 comments

I have a question about using the keychain to verify a user on the server who is already logged in on the client.

Since there is no token which can be passed to the server, my idea was that the client could sign a message and then on the server decode the message. I see a call requestVerifyKey which I would think would do this, but it returns Incomplete data or wrong format. Is there a way to do this or something similar which would produce the same results?

Thank you.

Answer 1 · 2021-07-01T08:38:47.000Z

Yes, you can use this way or SignBuffer / SignTx to ask to sign a transaction. Then verify the signature on the server side.
I'm guessing you forgot to start the string by # in order to encode it.

Answer 2 · 2021-07-03T00:15:53.000Z

Thanks, it's working now. I didn't even need to add the #, so might have been user error. But thank you for the response, nonetheless.

Answer 3 · 2021-07-03T00:50:06.000Z

@stoodkev One more question: How do I "verify the signature" on the server side?

Answer 4 · 2021-09-11T05:17:52.000Z

Sorry for (extremely) late answer but in case its still relevant to someone:
You can just sign a message to use as a password during signin, store it in your db, and then ask user to sign the same message to log in and compare it to the one in your db.