Skip to content

feat: add standalone verifySignature and verifySignatureAsync utility functions#860

Draft
gregnazario wants to merge 1 commit intomainfrom
cursor/simplified-signature-verification-7296
Draft

feat: add standalone verifySignature and verifySignatureAsync utility functions#860
gregnazario wants to merge 1 commit intomainfrom
cursor/simplified-signature-verification-7296

Conversation

@gregnazario
Copy link
Collaborator

@gregnazario gregnazario commented Mar 20, 2026

Description

Adds unified verifySignature and verifySignatureAsync utility functions that verify a digital signature against any supported public key type without requiring callers to know the key type in advance.

Motivation: During user login flows, API services rely on wallet signatures to verify address ownership. Currently, developers must know the wallet's key type (Ed25519, Secp256k1, Keyless, etc.) to instantiate the correct PublicKey class and call its verifySignature method. This creates unnecessary complexity, especially when handling multiple wallet types.

What this PR adds:

  • verifySignature({ message, signature, publicKey }) — Synchronous verification for all non-Keyless key types (Ed25519, Secp256k1, MultiEd25519, MultiKey). Throws a clear error if a Keyless key is passed.
  • verifySignatureAsync({ aptosConfig, message, signature, publicKey }) — Async verification that supports all key types including Keyless and FederatedKeyless.
  • Automatic wrapping of raw signatures in AnySignature when an AnyPublicKey is used, so callers don't need to manually wrap.
  • VerifyMessageSignatureArgs and VerifyMessageSignatureAsyncArgs type interfaces.

Usage:

import { Ed25519PublicKey, Ed25519Signature, verifySignature } from "@aptos-labs/ts-sdk";

// Works with any public key type
const isValid = verifySignature({
  message: "hello world",
  signature: someSignature,
  publicKey: somePublicKey,
});

Test Plan

Added 12 unit tests covering:

  • Ed25519 legacy key verification (valid, invalid signature, wrong message)
  • Ed25519 SingleKey/AnyPublicKey verification (with AnySignature, raw signature auto-wrap, wrong message)
  • Secp256k1 SingleKey/AnyPublicKey verification (with AnySignature, raw signature auto-wrap, wrong message)
  • MultiEd25519 multi-signature verification
  • MultiKey multi-signature verification
  • Cross-key-type mismatch (wrong public key returns false)

All 12 tests pass:

✓ tests/unit/verifySignature.test.ts (12 tests) 42ms

Build passes (pnpm build), lint passes (pnpm check).

Related Links

Closes #641

Checklist

  • Have you ran pnpm fmt?
  • Have you updated the CHANGELOG.md?
Open in Web Open in Cursor 

@cursoragent @gregnazario
feat: add standalone verifySignature and verifySignatureAsync utility…
13942c5 
… functions

Add unified signature verification functions that work with any supported
public key type (Ed25519, Secp256k1, MultiEd25519, MultiKey) without
requiring callers to know the key type in advance.

- verifySignature(): synchronous verification for all non-Keyless types
- verifySignatureAsync(): async verification supporting all types including Keyless
- Automatically wraps raw signatures in AnySignature when needed for AnyPublicKey
- Throws clear error message when Keyless key is used with sync function
- 12 unit tests covering all key types, auto-wrapping, and failure cases

Closes #641

Co-authored-by: Greg Nazario <greg@gnazar.io>
@cursor cursor bot mentioned this pull request Mar 20, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Feature Request] Need a well-packaged method to verify message signatures

2 participants

@gregnazario @cursoragent