Sign and Verify Messages Feature
This document provides an overview of the "Sign and Verify Messages" feature in the wallet application, which allows users to sign JSON messages using keys managed in the wallet and verify their signatures. This feature is accessible through the user interface or via REST APIs.
Signing a Message
REST API
Endpoint
POST /wallet-api/wallet/{walletId}/keys/{keyId}/sign
Request
- URL Parameters:
walletId: The ID of the wallet containing the key.keyId: The ID of the key to use for signing.
- Headers:
accept: application/jsonContent-Type: application/json
- Body (Example):
{
"exampleType": "object",
"data": {
"name": "John Doe",
"age": 30,
"isEmployed": true
}
}
cURL Example
curl -X 'POST' \
'http://127.0.0.1:7001/wallet-api/wallet/b59cdc3f-7022-4634-8668-de4fd578d2c9/keys/AIVbTGzmK6cnDHdrM-qNS_TghM-uvavIeOEHWfvmqQU/sign' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"exampleType": "object",
"data": {
"name": "John Doe",
"age": 30,
"isEmployed": true
}
}'
Response
"eyJraWQiOiJBSVZiVEd6bUs2Y25ESGRyTS1xTlNfVGdoTS11dmF2SWVPRUhXZnZtcVFVIiwiYWxnIjoiRWREU0EifQ.eyJleGFtcGxlVHlwZSI6Im9iamVjdCIsImRhdGEiOnsibmFtZSI6IkpvaG4gRG9lIiwiYWdlIjozMCwiaXNFbXBsb3llZCI6dHJ1ZX19.dY7M2335Wn8NwL2D_tqGshqBQUqET0q8JxHsNhMg1CapKNHYUBdY5K_85slWgoQrU_I231qdbcoMYYsHUD80BA"
Verifying a Signature
REST API
Endpoint
POST /wallet-api/wallet/{walletId}/keys/verify
Request
- URL Parameters:
walletId: The ID of the wallet.
- Query Parameters:
JWK: The JSON Web Key (URL-encoded) used for verification.
- Headers:
accept: application/jsonContent-Type: application/json
- Body (JWT):
"eyJraWQiOiJBSVZiVEd6bUs2Y25ESGRyTS1xTlNfVGdoTS11dmF2SWVPRUhXZnZtcVFVIiwiYWxnIjoiRWREU0EifQ.eyJleGFtcGxlVHlwZSI6Im9iamVjdCIsImRhdGEiOnsibmFtZSI6IkpvaG4gRG9lIiwiYWdlIjozMCwiaXNFbXBsb3llZCI6dHJ1ZX19.dY7M2335Wn8NwL2D_tqGshqBQUqET0q8JxHsNhMg1CapKNHYUBdY5K_85slWgoQrU_I231qdbcoMYYsHUD80BA"
cURL Example
curl -X 'POST' \
'http://127.0.0.1:7001/wallet-api/wallet/b59cdc3f-7022-4634-8668-de4fd578d2c9/keys/verify?JWK=%7B%0A%20%20%22kty%22%3A%20%22OKP%22%2C%0A%20%20%22crv%22%3A%20%22Ed25519%22%2C%0A%20%20%22kid%22%3A%20%22viEJuASRBd06MPJW-XEEDkWahYnGmp6WIMjdkGKZezY%22%2C%0A%20%20%22x%22%3A%20%227lTgGVKIeZdP9aEofIFwSTdyBGmxYqo4AhumkCLn3vs%22%0A%7D' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '"eyJraWQiOiJBSVZiVEd6bUs2Y25ESGRyTS1xTlNfVGdoTS11dmF2SWVPRUhXZnZtcVFVIiwiYWxnIjoiRWREU0EifQ.eyJleGFtcGxlVHlwZSI6Im9iamVjdCIsImRhdGEiOnsibmFtZSI6IkpvaG4gRG9lIiwiYWdlIjozMCwiaXNFbXBsb3llZCI6dHJ1ZX19.dY7M2335Wn8NwL2D_tqGshqBQUqET0q8JxHsNhMg1CapKNHYUBdY5K_85slWgoQrU_I231qdbcoMYYsHUD80BA"'
Response
trueif the signature is valid.falseif the signature is invalid.
User Interface
The wallet application provides an intuitive interface for:
- Signing JSON messages by selecting a key and entering the message.
- Verifying JWT signatures by pasting the JWK and JWT.
Key Features
- Ease of Use: Both API and UI options for signing and verifying messages.
- Security: Keys are securely managed in the wallet.
- Standards-Compliant: Utilizes JSON Web Keys (JWKs) and JSON Web Tokens (JWTs) for interoperability.
Last updated on July 21, 2025