Class: Solrengine::Auth::SiwsVerifier

Inherits:

Object

Object
Solrengine::Auth::SiwsVerifier

show all

Defined in:: lib/solrengine/auth/siws_verifier.rb

Overview

Verifies SIWS (Sign In With Solana) signed messages. Uses Ed25519 signature verification and validates domain to prevent cross-site replay attacks.

Pass ‘expected_nonce:` to bind the signed message to a server-issued nonce. Without that binding, a captured (message, signature) pair can be replayed as long as the wallet still has any fresh nonce — callers should always supply it when verifying a live sign-in.

Defined Under Namespace

Classes: VerificationError

Instance Method Summary collapse

#initialize(wallet_address:, message:, signature:, domain: nil, expected_nonce: nil) ⇒ SiwsVerifier constructor

A new instance of SiwsVerifier.
#verify ⇒ Object
#verify! ⇒ Object

Constructor Details

#initialize(wallet_address:, message:, signature:, domain: nil, expected_nonce: nil) ⇒ `SiwsVerifier`

Returns a new instance of SiwsVerifier.

# File 'lib/solrengine/auth/siws_verifier.rb', line 20

def initialize(wallet_address:, message:, signature:, domain: nil, expected_nonce: nil)
  @wallet_address = wallet_address
  @message = message
  @signature = signature
  @domain = domain || Solrengine::Auth.configuration.domain
  @expected_nonce = expected_nonce
end

Instance Method Details

#verify ⇒ `Object`

# File 'lib/solrengine/auth/siws_verifier.rb', line 38

def verify
  verify!
rescue VerificationError
  false
end

#verify! ⇒ `Object`

# File 'lib/solrengine/auth/siws_verifier.rb', line 28

def verify!
  verify_message_format!
  verify_domain!
  verify_nonce! if @expected_nonce
  verify_signature!
  true
rescue Ed25519::VerifyError
  raise VerificationError, "Invalid signature"
end