@didtools/pkh-solana
Version:
Implements support to authenticate, authorize and verify with Solana accounts as a did:pkh with SIWS(X) and CACAO. Primarly used with `did-session` and `@didtools/cacao`.
28 lines (27 loc) • 1.1 kB
JavaScript
import { SiwsMessage, verifyTimeChecks, assertSigned } from '@didtools/cacao';
import { AccountId } from 'caip';
import { ed25519 } from '@noble/curves/ed25519';
import { fromString as u8aFromString } from 'uint8arrays/from-string';
/**
* Get a configured CACAO SolanaVerifier map for Solana accounts
*/ export function getSolanaVerifier() {
return {
// eslint-disable-next-line @typescript-eslint/require-await
'solana:ed25519': async (cacao, opts)=>{
verifySolanaSignature(cacao, opts);
}
};
}
export function verifySolanaSignature(cacao, options) {
assertSigned(cacao);
verifyTimeChecks(cacao, options);
const msg = SiwsMessage.fromCacao(cacao);
const sig = cacao.s.s;
const messageU8 = msg.signMessage();
const sigU8 = u8aFromString(sig, 'base58btc');
const issAddress = AccountId.parse(cacao.p.iss.replace('did:pkh:', '')).address;
const pubKeyU8 = u8aFromString(issAddress, 'base58btc');
if (!ed25519.verify(sigU8, messageU8, pubKeyU8)) {
throw new Error(`Signature does not belong to issuer`);
}
}