| 1 | +--- |
| 2 | +caip: 375 |
| 3 | +title: Wallet Sign Message |
| 4 | +author: Pedro Gomes (@pedrouid) |
| 5 | +discussions-to: https://github.com/ChainAgnostic/CAIPs/pull/375 |
| 6 | +status: Review |
| 7 | +type: Standard |
| 8 | +created: 2025-08-25 |
| 9 | +requires: 10, 171, 217 |
| 10 | +--- |
| 11 | + |
| 12 | +## Simple Summary |
| 13 | + |
| 14 | +Defines a JSON-RPC method, `wallet_signMessage`, to request cryptographic signatures on arbitrary messages from one or more wallet accounts, optionally tied to a session. |
| 15 | + |
| 16 | +## Abstract |
| 17 | + |
| 18 | +The `wallet_signMessage` RPC method is a chain-agnostic interface for signing arbitrary messages. |
| 19 | +It supports multiple accounts and signature schemes within a single call, optionally referencing a CAIP-171 session. |
| 20 | +This unifies how apps and wallets perform message signing for authentication, typed data, and off-chain actions. |
| 21 | + |
| 22 | +## Motivation |
| 23 | + |
| 24 | +Message signing today is fragmented: each wallet has its own API for personal message signing, typed data (e.g., EIP-712), or custom formats. |
| 25 | +There's no standard to support multiple accounts or signature types in one request. |
| 26 | +This proposal fixes that by: |
| 27 | + |
| 28 | +- Supporting optional sessions (CAIP-171) to link signing requests to an ongoing connection. |
| 29 | +- Allowing multiple messages and flexible signature schemes (e.g., EIP-191, EIP-1271). |
| 30 | +- Making message type and content explicit, improving wallet UX and security. |
| 31 | + |
| 32 | +## Specification |
| 33 | + |
| 34 | +### Language |
| 35 | + |
| 36 | +The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" written in uppercase in this document are to be interpreted as described in [RFC-2119][] |
| 37 | + |
| 38 | +### Definition |
| 39 | + |
| 40 | +**Request:** |
| 41 | + |
| 42 | +```jsonc |
| 43 | +{ |
| 44 | + "id": 1, |
| 45 | + "jsonrpc": "2.0", |
| 46 | + "method": "wallet_signMessage", |
| 47 | + "params": { |
| 48 | + "sessionId": "0xdeadbeef", // optional |
| 49 | + "messages": [ |
| 50 | + { |
| 51 | + "account": "eip155:1:0xabc123...", // optional |
| 52 | + "signatureTypes": ["eip191", "eip1271"], // optional |
| 53 | + "messageType": "ethPersonalSign", |
| 54 | + "content": "Hello World" |
| 55 | + } |
| 56 | + ], |
| 57 | + "capabilities": {} // optional |
| 58 | + } |
| 59 | +} |
| 60 | +``` |
| 61 | + |
| 62 | +**Response:** |
| 63 | + |
| 64 | +```jsonc |
| 65 | +{ |
| 66 | + "id": 1, |
| 67 | + "jsonrpc": "2.0", |
| 68 | + "result": { |
| 69 | + "signatures": [ |
| 70 | + { |
| 71 | + "account": "eip155:1:0xabc123...", |
| 72 | + "signatureType": "eip1271", |
| 73 | + "messageType": "ethPersonalSign", |
| 74 | + "signature": "0xdeadbeef..." |
| 75 | + } |
| 76 | + ], |
| 77 | + "capabilities": {} // optional |
| 78 | + } |
| 79 | +} |
| 80 | +``` |
| 81 | + |
| 82 | +**Rules:** |
| 83 | + |
| 84 | +- `sessionId` is OPTIONAL but MUST follow CAIP-171 if provided. |
| 85 | +- Each message MUST include `messageType` and `content`. |
| 86 | +- Wallets MAY choose any of the provided `signatureTypes`. |
| 87 | +- Response MUST include `account` and `signatureType` for each signature |
| 88 | +- `capabilities` is an OPTIONAL metadata object, placed outside `signatures`. |
| 89 | + |
| 90 | +## Security Considerations |
| 91 | + |
| 92 | +- Malicious apps can trick users into signing harmful messages; wallets MUST show clear prompts including `content` and `account`. |
| 93 | +- Including nonces or timestamps in `content` is RECOMMENDED to prevent replay attacks. |
| 94 | +- Sessions referenced by `sessionId` SHOULD be validated to ensure scope compliance. |
| 95 | + |
| 96 | +## Privacy Considerations |
| 97 | + |
| 98 | +- Signing may reveal account addresses; wallets SHOULD only return requested data. |
| 99 | +- `capabilities` could expose metadata; apps and wallets SHOULD handle them carefully. |
| 100 | +- Multi-message requests could link identities; wallets MAY warn users. |
| 101 | + |
| 102 | +## Links |
| 103 | + |
| 104 | +- [CAIP-10][] - Account ID Specification |
| 105 | +- [CAIP-104][] - Definition of Chain Agnostic Namespaces or CANs |
| 106 | +- [CAIP-171][] - Session Identifier, i.e. syntax and usage of `sessionId`s |
| 107 | +- [CAIP-217][] - Authorization Scopes, i.e. syntax for `scopeObject`s |
| 108 | +- [RFC-2119][] - Key Words for use in RFS to Indicate Requirement Levels |
| 109 | + |
| 110 | +[CAIP-2]: https://chainagnostic.org/CAIPs/caip-2 |
| 111 | +[CAIP-10]: https://chainagnostic.org/CAIPs/caip-10 |
| 112 | +[CAIP-104]: https://chainagnostic.org/CAIPs/caip-104 |
| 113 | +[CAIP-171]: https://chainagnostic.org/CAIPs/caip-171 |
| 114 | +[CAIP-217]: https://chainagnostic.org/CAIPs/caip-217 |
| 115 | +[RFC-2119]: https://datatracker.ietf.org/doc/html/rfc2119 |
| 116 | + |
| 117 | +## Copyright |
| 118 | + |
| 119 | +Copyright and related rights waived via [CC0](../LICENSE). |
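Review bot: The Rules block (from "`sessionId` is OPTIONAL" through "`capabilities` is an OPTIONAL metadata object") leaves the optional fields without defaults or error behaviour: it never states what a wallet does when `account` is omitted (sign with any authorized account, or one signature per account?), when `signatureTypes` is omitted, or when a `messageType` is unsupported, and it does not say whether `signatures` MUST be returned in the same order as `messages` or whether partial success is permitted. Suggest adding rules along the lines of "If `signatureTypes` is omitted, the wallet MUST use the default scheme for the account's namespace", "If any `messageType` is unsupported, the wallet MUST return a JSON-RPC error and sign nothing", and an explicit ordering rule. Two consistency points: the `messageType` and `signatureType` values (`ethPersonalSign`, `eip191`, `eip1271`) are introduced only through the examples, with no registry or pointer to per-namespace profiles, and CAIP-104 appears under Links but not in `requires: 10, 171, 217`; either add 104 to `requires` and state that valid values are defined per namespace, or drop the CAIP-104 link. In Security Considerations, "Sessions referenced by `sessionId` SHOULD be validated" is weaker than the earlier "MUST follow CAIP-171"; given CAIP-217 is a dependency, consider requiring that the requested `account` and the `wallet_signMessage` method fall within the session's authorized scopes before signing. Nits: "Key Words for use in RFS" should read "RFCs", the rule "Response MUST include `account` and `signatureType` for each signature" lacks its terminating period, and `[CAIP-2]` is defined but never cited.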