Open angrymouse opened 1 month ago
Although it is not the intended usage, you can use a Buffer as a message. For example:
const { Signer, Verifier } = require('bip322-js');
const privateKey = 'L3VFeEujGtevx9w18HD1fhRbCH67Az2dpCymeRE1SoPK6XQtaN2k';
const address = 'bc1q9vza2e8x573nczrlzms0wvx3gsqjx7vavgkx0l'; // P2WPKH address
const message = Buffer.from('000102030405ff', 'hex'); // Some random Buffer
const signature = Signer.sign(privateKey, address, message);
const validity = Verifier.verifySignature(address, message, signature);
console.log(validity); // True
If you use TypeScript, you may need to typecast the message to any or skip type-checking for this to work. Technically speaking, the library already supports using a Buffer as a message.
Yeah, I've used it like this, just was wondering if there may occur any problems with this approach, will it make my app vulnerable in other words.
It shouldn't pose any security vulnerabilities since the message is parsed by the BIP322.hashMessage method on the line:
messageHasher.update(Buffer.from(message));
which should work with the message either as a string or as a buffer.
In the future, I might add official Buffer support to the library.
Hello! Is it possible to sign/verify buffer/uint8array? Strings are arguably not best representation of data, and when getting big, taking quite a some time for this library (and overall, any cryptographic algorithm) to verify. I used hash of data to convert it to smaller one, however I feel like stringifying hash in order for this library to process it is not optimal. Is there any issues with signing/verifying raw data?