In the title. This is general question, since I don't see any api which would allow that.
Context
I'm making a telegram bot which should charge some amount of money from users every month depending on their subscription plan.
I've learned that V4 wallets allow doing that via plugins. I also found this example contract which does exactly that.
However the issue is that I need to send signed external message to the wallet contract. And thats my issue, I didn't find a way to sign the message.
What have you tried so far?
Maybe I'm missing something, but I've checked a lot of sources and docs before writing this issue.
All the sources I've read so far were using private key, in most cases derived directly from mnemonics which is unacceptable absurd nonsense cos nobody gonna give their private keys nor mnemonics to third parties unless these are wallets. These examples also ain't suitable for obvious reasons in my case anyway.
I also found Sign Data request which at first seemed like what I was looking for but it wasn't, because according to the documentation signature will be computed after internally transforming the data. To make it clear what I mean Sign Data will compute signature from the data transformed this way:
signature_from_sign_data = ed25519(uint32be(schema_crc) ++ uint64be(timestamp) ++ cell_hash(X))
while V4 wallet contract will check signature for the whole hashed message after signature data, which will look like this:
signature_expected_by_wallet = ed25519(cell_hash(X[64..]))
So it is obvious signature_from_sign_data won't match signature_expected_by_wallet unless there's sha512 hash collision which is used under the hood of ed25519 signing algorithm which is almost impossible scenario, means the Sign Data method is not suitable in my case.
I know my question may look silly but after doing my own research I didn't find anything suitable. I'm new to the TON blockchain and maybe missing something, but I believe there must be a way to do that cos otherwise there should be no reason to document this and state that there are bots which can do this.
Your Question
In the title. This is general question, since I don't see any api which would allow that.
Context
I'm making a telegram bot which should charge some amount of money from users every month depending on their subscription plan. I've learned that V4 wallets allow doing that via plugins. I also found this example contract which does exactly that. However the issue is that I need to send signed external message to the wallet contract. And thats my issue, I didn't find a way to sign the message.
What have you tried so far?
Maybe I'm missing something, but I've checked a lot of sources and docs before writing this issue. All the sources I've read so far were using private key, in most cases derived directly from mnemonics which is unacceptable absurd nonsense cos nobody gonna give their private keys nor mnemonics to third parties unless these are wallets. These examples also ain't suitable for obvious reasons in my case anyway. I also found Sign Data request which at first seemed like what I was looking for but it wasn't, because according to the documentation signature will be computed after internally transforming the data. To make it clear what I mean Sign Data will compute signature from the data transformed this way:
signature_from_sign_data = ed25519(uint32be(schema_crc) ++ uint64be(timestamp) ++ cell_hash(X))while V4 wallet contract will check signature for the whole hashed message after signature data, which will look like this:signature_expected_by_wallet = ed25519(cell_hash(X[64..]))So it is obvioussignature_from_sign_datawon't matchsignature_expected_by_walletunless there's sha512 hash collision which is used under the hood of ed25519 signing algorithm which is almost impossible scenario, means the Sign Data method is not suitable in my case.I know my question may look silly but after doing my own research I didn't find anything suitable. I'm new to the TON blockchain and maybe missing something, but I believe there must be a way to do that cos otherwise there should be no reason to document this and state that there are bots which can do this.
Relevant Code or Commands
No response
Documentation Check