Prove ownership of a Solana wallet.
This library proveTransactions ownership of a Solana wallet to off-chain verifiers.
It is compatible with standard browser wallet adapters, such as
sol-wallet-adapter,
and can be extended to others.
``sh`
npm install @identity.com/prove-solana-wallet
or
`sh`
yarn add @identity.com/prove-solana-wallet
prover side:
`js${new Date().getTime()}
const {create} = require('@identity.com/prove-solana-wallet');
const nonce = ;`
const proof = await create(myKeypair, nonce);
Verifier side:
`js`
const {verify} = require('@identity.com/prove-solana-wallet');
const message = timestamp;
verify(expectedPublicKey, proof, message);
prover side:
`js`
const {proveTransaction} = require('@identity.com/prove-solana-wallet');
const proof = await proveTransaction(myKeypair);
Verifier side:
`js`
const {verifyTransaction} = require('@identity.com/prove-solana-wallet');
await verifyTransaction(proof, expectedPublicKey);
prove ownership of an external wallet (e.g. sol-wallet-adapter).
See here for more details.
prover side:
`js
const {proveTransaction} = require('@identity.com/prove-solana-wallet');
import Wallet from "@project-serum/sol-wallet-adapter";
const providerUrl = 'https://www.sollet.io';
const wallet = new Wallet(providerUrl);
wallet.on('connect', async (publicKey) => {
// once the wallet is connected, we can prove ownership
const signer = (transaction:Transaction) => wallet.signTransaction(transaction);
const proof = await proveTransaction(myKeypair);
});
`
Verifier side:
`js`
const {verifyTransaction} = require('@identity.com/prove-solana-wallet');
await verifyTransaction(proof, expectedPublicKey);
.The verify(publicKey, proof) function decodes the message and signature from the proof, and uses nacl to verify that the given public key signed the proof.
$3
The proveTransaction() function generates a zero-value transaction, and
signs it with the wallet private key. For the transaction to be verified
by the verifyTransaction() function, it must:- have ony one instruction: SystemProgram.transfer
- be zero-value
- be self-to-self (i.e the sender and recipient are the same)
- have a recent blockhash on mainnet
- but not be broadcast to mainnet
These measures increase the security by reducing the likelihood
that an attacker can either coerce the wallet owner to sign
a transaction or intercept a broadcast one.
Configuration
The proveTransaction and verifyTransaction functions can be configured as follows:
$3
Default:
mainnet-betaThe cluster that should be used when generating and verifyTransactioning proofs
$3
Default:
When checking that a proof transaction has not been transmitted, the commitment to be used, i.e. the degree to which the transaction is finalised by the network
Optional
Default: empty
If the cluster is not a standard solana public cluster, this map provides
the cluster URL to connect to. Use this when the proof may contain a cluster that is
not recognised by solana's clusterApiUrl function.