How to verify signed message by public key

[bafu]

Hi Zion dev team,

I use zkma.signMessage (with Ethereum type) to sign the raw message and want to use a public key (e.g., from zkma.{getSendPublicKey, getReceivePublicKey}) to verify the signature of the signed message [1, 2].

How can I do verification with Zion SDK?

The idea is to leverage Zion as a tool to generate secure HW signatures of any small data (texts, images, etc.), like using the traditional GPG tool with a higher security level.

Any suggestion is welcome!

---

References

1. Signing a message by Zion VaultSDK
2. Signing a message by ZKMA
3. EIP191

[htczion]

Zion SDK doesn't provide any verify message method on it,

Refer to the below sample code (written in Node JS and use 3rd library 'eth-sig-util'), the original message and the output of signed message is required for the function "recoverPersonalSignature",

if the funciton result is equal to your eth address, it means verify success.

const sigUtil = require('eth-sig-util');
app.post('/eth_verifymsg', function (req, res) {
    console.log(JSON.stringify(req.body));

    const address = req.body.addr;
    const message = req.body.message;
    const msgParams = { data: message }
    msgParams.sig = req.body.signed;
    const recovered = sigUtil.recoverPersonalSignature(msgParams);

    var object = new Object();
    object.verified = (recovered == address.toLowerCase()); 
    res.writeHeader(200, { "Content-Type": "application/json" });
    res.write(JSON.stringify(object));
    res.end();
});