generateSignMessageUri method

Uri generateSignMessageUri({
  1. required Uint8List nonce,
  2. required String redirect,
})

Generates an URL with given nonce to be signed by Phantom Wallet to verify the ownership of the wallet.

  • nonce will be generated on server side and sent to Phantom Wallet.
  • nonce will be hashed before sent to Phantom Wallet.
  • Returns URL which will be used to send to Phantom Wallet /signMessage endpoint.
  • It redirects user to redirect with nonce and encrypted data as query parameters.
  • Encrypted data contains signature and can be decrypted using decryptPayload method.
  • We can use this signed message to verify the user with isValidSignature method.

Implementation

Uri generateSignMessageUri(
    {required Uint8List nonce, required String redirect}) {
  /// Hash the nonce so that it is not exposed to the user
  Uint8List hashedNonce = Hash.sha256(nonce);

  var message =
      "Sign this message for authenticating with your wallet. Nonce: ${base58encode(hashedNonce)}";
  var payload = {
    "session": _sessionToken,
    "message": base58encode(message.codeUnits.toUint8List()),
  };

  var encrypt = encryptPayload(payload);

  return Uri(
    scheme: scheme,
    host: host,
    path: 'ul/v1/signMessage',
    queryParameters: {
      "dapp_encryption_public_key":
          base58encode(Uint8List.fromList(dAppPublicKey)),
      "nonce": base58encode(encrypt["nonce"]),
      "redirect_link": "$deepLink$redirect",
      "payload": base58encode(encrypt["encryptedPayload"]),
    },
  );
}