@mountainpass/eth-sign
    TypeScript icon, indicating that this package has built-in type declarations

    1.0.31 • Public • Published

    eth-sign

    A wrapper for performing eth based sign and verify (client and server side).

    Notes

    When providing a message to sign, you should explain "why they need to sign, and what will happen"

    For example:

    Hi there from {firstName}! Press "Sign this message" to prove you have access to this wallet and we’ll log you in. This won’t cost you anything! To scuttle the plans of would-be wrong doers, here’s a one time message that is hard to guess (no need to save this): d458fa15-dcab-4d85-a477–004d6febca12

    What this message does:

    • Addresses the user
    • Uses human language, no jargon
    • Reiterates who the message is from
    • Asks them to sign and explains what they’re signing
    • Sets expectations and frames the message in terms of their goal: “by doing this you’ll be logged in”
    • Explains why
    • Makes it clear it’s not financial
    • Includes the nonce for security purposes
    • Or in other words… when faced with this message, your user understands what they need to do, why they need to do it and what will happen next.

    ClientSide (UI) TLDR;

    Provide user actions, to connect a wallet and sign a message:

    Typescript

    import ProviderWrapper from '@mountainpass/eth-sign'
    
    const provider = new ProviderWrapper(new ethers.providers.Web3Provider(ethereum))
    
    // state
    const [accounts, setAccounts] = React.useState([] as string[])
    const [signature, setSignature] = React.useState('-')
    
    // actions
    const doConnect = () => provider.connect(setAccounts)
    const doSign = (msg: string) => provider.signMessage(msg).then(setSignature)
    React.useEffect(() => provider.onAccountsChanged(setAccounts), [])

    ServerSide (Backend) TLDR;

    On the backend, determine the wallet that signed the message (based on having the original unsigned message):

    Javascript

    const ProviderWrapper = require('@mountainpass/eth-sign').default
    
    const signerWallet = await new ProviderWrapper().verifyMessage(originalMessageSlashSalt, theSignedMessage)

    License

    Apache 2.0 © nickgrealy

    Install

    npm i @mountainpass/eth-sign

    DownloadsWeekly Downloads

    9

    Version

    1.0.31

    License

    Apache-2.0

    Unpacked Size

    21 kB

    Total Files

    6

    Last publish

    Collaborators

    • tompahoward
    • nickgrealy