Expand description
§erc8128 — Signed HTTP Requests with Ethereum
Rust implementation of ERC-8128: authenticate HTTP requests using HTTP Message Signatures (RFC 9421) with Ethereum accounts.
Two core operations:
sign_request— sign an outgoing HTTP requestverify_request— verify an incoming signed HTTP request
Chain-specific signature verification (EOA / ERC-1271) is pluggable
via the Verifier trait.
§Examples
use erc8128::{Request, SignOptions, sign_request};
let request = Request {
method: "GET",
url: "https://api.example.com/resource",
headers: &[],
body: None,
};
let signed = sign_request(&request, &signer, &SignOptions::default()).await?;Modules§
- keyid
KeyIDformatting and parsing (erc8128:<chainId>:<address>).- nonce
- Cryptographically secure nonce generation. Cryptographically secure nonce generation for replay-attack prevention.
Structs§
- Address
- An Ethereum address, 20 bytes in length.
- Memory
Nonce Store - In-memory nonce store for development and testing.
- NoNonce
Store - No-op nonce store that rejects all nonces.
- Reject
Replayable - Reject all replayable signatures (default secure behavior).
- Replayable
Info - Information about a replayable signature, passed to
ReplayablePolicy::invalidated. - Request
- An HTTP request to be signed or verified.
- Sign
Options - Options for
sign_request. - Signature
Params - RFC 9421 signature parameters.
- Signed
Headers - Headers produced by
sign_request. - Verify
Policy - Policy for
verify_request. - Verify
Success - Successful verification result.
Enums§
- Binding
- How tightly a signature is bound to a specific request.
- Content
Digest - How to handle the
Content-Digestheader during signing. - Erc8128
Error - Errors produced by ERC-8128 signing and verification.
- Replay
- Whether a signature can be validly reused.
Traits§
- Nonce
Store - Nonce store for replay protection.
- Replayable
Policy - Policy for replayable (nonce-less) signature acceptance and invalidation.
- Signer
- Ethereum message signer.
- Verifier
- Signature verifier for Ethereum accounts.
Functions§
- sign_
request - Sign an HTTP request according to ERC-8128.
- verify_
request - Verify a signed HTTP request according to ERC-8128.