Review: TZIP "Off-Chain Message Signing"

[jdsika]

Hello team,

in our efforts to introduce a CAIPs standard compliant Sign-in With Tezos message format and signing process we have created TZIP-31/32 to introduce a standardized way of signing messages which are not meant to be used as on-chain transactions. A merge request for TZIP-33 for SIWT is here.

We have created the library "Sign In With Tezos (SIWT)" alongside the specification above as a reference implementation. This library uses beacon and taquito and should provide maximum convenience for developers to:

* proving the users ownership of the private key to the address the user signs in with,
* adding permissions to use your API or backend using on chain data.

We would like to get your input on the current TZIP-31/32 proposal and encourage an implementation into your product to make this a real standard. The overall proposal was created in a close cooperation with the Kukai team. It would provide a standardized way of creating a signing message (and more applications) which are currently documented as followed: https://tezostaquito.io/docs/signing/#generating-a-signature-with-beacon-sdk

Please feel free to contact me on Slack as well if you would like to get in conversation!

Thank you very much!

Best regards Carlo (jdsika)

[jdsika]

Taquito implementation: https://2879-tzip32-doc.taquito.pages.dev/docs/next/signing/#generating-a-tzip-32-message-signature