solana-web3.js
solana-web3.js copied to clipboard
Create `@solana/offchain-message` for signing and verifying offchain messages
Motivation
There's a protocol for signing non-transaction messages. Let's create @solana/offchain-message
helpers to sign and verify messages with modern CryptoKeys
.
Example use case
// This prepends the header and signs the message, returning a signature.
async function getOffchainMessageSignature(privateKeys: CryptoKey[], message: Uint8Array): Promise<Uint8Array[]>;
// This verifies the signature given a public key and a message.
async function verifyOffchainMessageSignature(message: Uint8Array, signature: Uint8Array, publicKeys: CryptoKey[]): Promise<boolean>;
Details
We can argue in the PR whether publicKey
should be a CryptoKey
or an Address
, whether the return type of getOffchainMessageSignature()
should be Uint8Array
or Signature
, but preferably not that message
should be a string
. Each decision that gets us further from JS primitives trades ergonomics for added dependencies.
The use case above is also missing details about configuring the message version, the application domain. Also, the decision needs to be made whether to auto-determine the message format or allow the user to explicitly choose a format then validate that the message conforms to the choice. Lots to chew on here.
Related Rust CLI PR: https://github.com/solana-labs/solana/pull/27456