Add support to validate signatures from aleph-client
hoh opened this issue · comments
Aleph-client supports signing messages, but not verifying signatures without the private key.
As a user, I would like to be able to validate the signature of an Aleph message.
See PyAleph: https://github.com/aleph-im/pyaleph/blob/master/src/aleph/chains/ethereum.py#L38
What would be the recommended approach for this?
- Import
aleph
from pyaleph - Extract a new module from /chains, create a repo called "aleph-chains" (or similar), and import it into both pyaleph and aleph-client
If this is truly needed in aleph-client, I believe it would make sense to move the validators from pyaleph to aleph-message and then use these in aleph-client and pyaleph.
What's the use case though?
I want to build an API that uses a simple authentication scheme based on signing the request payload. The user is not directly communicating with the Aleph API, as the intermediary API performs additional checks and sends a different signed message on the user's behalf.
Ah so you want to verify all types of signatures, not Aleph messages specifically. Maybe there's value in providing that as another library then and then put the message-specific validation in aleph-message.