Comment on page
Message Signing
This service allows end users to have their messages signed by a satellite in orbit. This is achieved using the satellite's signature key along with a current timestamp to ensure the signature cannot be backdated. The Cryptosat service manages the task of coordinating the transmission of the message to the suitable ground station when the satellite is online.
sigRequest = await cryptosat.sign('your message here');
This method sends a message to the satellite to be signed and returns a request object that allows the user to track the status of the request.
Parameters
message(string): The message to be signed.
Returns
sigRequest(object): An object that allows the user to track the status of the request. This object has two methods:statusandresult.
await sigRequest.status();
This method allows users to check the status of their signature request.
Parameters
None.
Returns
status(string): The status of the request. When the request has been signed by the satellite and received back, the status will beREADY.
result = await sigRequest.result();
This method returns the result of the signature request. This should be used once the
status method returns Ready.Parameters
None.
Returns
result(object): The result of the request, which contains the signature and timestamp.
To validate the signature returned by the satellite, you can use the
nacl library. Here's a short snippet to demonstrate this:// Require the Cryptosat library
const Cryptosat = require('cryptosat');
// Create a Cryptosat instance with the service URL
const cryptosat = new Cryptosat('https://api.cryptosat.io');
// Initiate the signing request
let sigRequest = await cryptosat.sign('Hello, world!');
// Poll the status of the request until it is ready
while (true) {
let status = await sigRequest.status();
if (status === 'Ready') {
break;
}
// wait before polling again
await new Promise(r => setTimeout(r, 1000));
}
// Once ready, retrieve the result
let result = await sigRequest.result();
// Fetch the public signing key from the Cryptosat.
// IMPORTANT: In production, retrieve key out of band
let publicKey = await cryptosat.getPublicSigningKey();
// Verify the signature using NaCl
let valid = nacl.sign.detached.verify(
new TextEncoder().encode(result.message + result.timestamp),
result.signature,
publicKey
);
console.log(valid ? 'Valid signature' : 'Invalid signature');
This code initiates a signature request with the
sign method, periodically checks the status of the request using the status method, and once the status is Ready, it retrieves the result using the result method. Finally, it verifies the signature using the nacl.sign.detached.verify method from the nacl library.