Signatures
Use signatures with XMTP
With XMTP, you can use various types of signatures to sign and verify payloads.
Sign with an external wallet
When a user creates, adds, removes, or revokes an XMTP inbox's identity or installation, a signature is required.
Sign with an XMTP key
You can sign something with XMTP keys. For example, you can sign with XMTP keys to send a payload to a backend.
const signature = client.signWithInstallationKey(signatureText);const signature = await client.signWithInstallationKey(signatureText);val signature = client.signWithInstallationKey(signatureText)let signature = try client.signWithInstallationKey(message: signatureText)Verify with the same installation that signed
You can also sign with XMTP keys and verify that a payload was sent by the same client.
const signature = client.signWithInstallationKey(signatureText);const isVerified = await client.verifySignature(signatureText, signature);val isVerified = client.verifySignature(signatureText, signature)let isVerified = try client.verifySignature(
message: signatureText,
signature: signature
)
Verify with the same inbox ID that signed
You can use an XMTP key's installationId to create a signature, then pass both the signature and installationId to another installationId with the same inboxId to verify that the signature came from a trusted sender.
const isValidSignature = client.verifySignedWithPrivateKey(
signatureText,
signature,
installationId
);val isVerified = client.verifySignatureWithInstallationId(
signatureText,
signature,
installationId
)let isVerified = try client.verifySignatureWithInstallationId(
message: signatureText,
signature: signature,
installationId: installationId
)Last updated