Skip to content

feat(sign-data): add verifySignature function and parameter #183

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
yasincaliskan wants to merge 5 commits into
base: main
Choose a base branch
from
Open

feat(sign-data): add verifySignature function and parameter #183

yasincaliskan wants to merge 5 commits into from

Conversation

@yasincaliskan
Copy link
Collaborator

@yasincaliskan yasincaliskan commented Jan 12, 2026
edited
Loading

Description

This PR extends the signing API with built-in signature validation.

  • Added a public verifySignature function to validate signatures for arbitrary data
  • Added a validateSignature option to signData to enable automatic verification after signing
  • When verifySignature: true is passed to signData, it checks whether the signer address is rekeyed and, if so, sends the signing request using the auth address

@yasincaliskan yasincaliskan requested a review from wjbeau January 12, 2026 13:37
@yasincaliskan yasincaliskan self-assigned this Jan 12, 2026
@yasincaliskan yasincaliskan marked this pull request as draft January 12, 2026 14:48
@yasincaliskan yasincaliskan removed the request for review from wjbeau January 12, 2026 14:48
@yasincaliskan yasincaliskan marked this pull request as ready for review January 13, 2026 09:52
@yasincaliskan yasincaliskan requested a review from wjbeau January 13, 2026 09:57
wjbeau
wjbeau requested changes Jan 13, 2026
View reviewed changes
Copy link

@wjbeau wjbeau left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just one comment about the MX prefix

README.md
**Parameters:**
- `data`: Array of arbitrary data to sign
- `signer`: Algorand address that will sign the data
- `verifySignature` (optional): If `true`, automatically detects if the account is rekeyed (has `authAddr`) and uses the `authAddr` as the signer. After signing, verifies each signature against the original data. Defaults to `false`.
Copy link

@wjbeau wjbeau Jan 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We might want to explain the 'MX' prefix requirement? I.e. our verification is consistent with algosdk's verification? Or maybe we should verify both (i.e. prepend MX, check it, if it fails try verifying without MX prefix?)

@yasincaliskan yasincaliskan requested a review from wjbeau January 14, 2026 11:54
@yasincaliskan yasincaliskan mentioned this pull request Jan 21, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wjbeau wjbeau Awaiting requested review from wjbeau

Requested changes must be addressed to merge this pull request.

Assignees

@yasincaliskan yasincaliskan

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@yasincaliskan @wjbeau