Crate wallet_signature_verify

Crate wallet_signature_verify 

Source
Expand description

§Wallet Signature Verify

Universal wallet signature verifier using challenge-response authentication.

This library validates that a specific wallet address actually signed a specific challenge, providing a secure authentication mechanism for blockchain wallets.

§Features

  • xaman - Support for Xaman wallet (XRPL SignIn)
  • web3auth - Support for Web3Auth wallet
  • cli - CLI binary with env_logger
  • all-wallets - Convenience feature to enable all wallets

By default, all wallets and CLI are enabled. You can disable default features and selectively enable only the wallets you need.

§Quick Start

# Cargo.toml - All wallets (default)
[dependencies]
wallet-signature-verify = "0.1"

# Only Xaman wallet
[dependencies]
wallet-signature-verify = { version = "0.1", default-features = false, features = ["xaman"] }

§Example Usage

use wallet_signature_verify::{
    wallets::{get_wallet_provider, WalletType, VerificationInput},
};

fn main() -> anyhow::Result<()> {
    // Create verification input
    let input = VerificationInput {
        signature_data: "732102DB4811...".to_string(), // Signature hex
        expected_address: "rExampleAddr123456789xrpL1234567890".to_string(),
        challenge: Some("domain:timestamp:uuid:action:address".to_string()),
    };

    // Get wallet provider
    let provider = get_wallet_provider(WalletType::Xaman);

    // Verify signature
    let result = provider.verify(&input)?;

    if result.is_valid() {
        println!("✅ Authentication successful!");
    } else {
        println!("❌ Authentication failed");
    }

    Ok(())
}

§Challenge-Response Authentication

This library implements a secure authentication pattern with 4 components:

  1. Challenge - A unique message to be signed (e.g., “domain:timestamp:uuid:action:address”)
  2. Address - The wallet address that signed the challenge
  3. Signature - The cryptographic signature (hex or DER format)
  4. Wallet Type - Which wallet was used (Xaman, Web3Auth, etc.)

The verifier validates that the address actually signed the challenge, proving ownership of the private key without exposing it.

Modules§

crypto
Cryptographic operations for signature verification.
output
parser
XRPL transaction blob parsing utilities.
types
wallets
Wallet provider implementations.

Functions§

verify_xrpl_signin
Verifies a complete XRPL SignIn signature