@dfinity/standalone-sig-verifier-web
v1.0.0
Published
Standalone crypto library to verify cryptographic signatures for the Internet Computer
Downloads
31
Maintainers
Keywords
Readme
standalone-sig-verifier-web
JS/TS Wrapper for the ic-standalone-sig-verifier
rust crate (code) to publish it as a browser / node compatible library to npm.
Warning: There are some caveats to using this library:
- Verifying signatures in the front-end is generally unsafe! Malicious users could modify the front-end code and bypass the signature verification. This library is intended for use in demos, prototypes, backends and other situations where the code either cannot be tampered with or the tampering does not pose a security risk.
- This library is built from the
master
branch of theic
repo rather than a proper release of the underlying library. This means that the API may change at any time.- The resulting wasm module is heavy, around 400 kb gzipped. Do not use this library if you are concerned about the size of your bundle.
Prerequisites
Building
Run the following command
wasm-pack build --target web --out-dir dist --release --scope dfinity
Usage Example
import initSigVerifier, {verifyIcSignature} from '@dfinity/standalone-sig-verifier-web';
async function example(dataRaw, signatureRaw, derPublicKey, root_key) {
// load wasm module
await initSigVerifier();
try {
// call the signature verification wasm function
verifyIcSignature(dataRaw, signatureRaw, derPublicKey, root_key);
console.log('signature verified successfully')
} catch (error) {
// the library throws an error if the signature is invalid
console.error('signature verifcation failed', error)
}
}