Only MetaMask provider is supported
gniax opened this issue · comments
After several tests it seems that only authentication with MetaMask would work, even in the demo, with a browser provider-less.
Authentication with WalletConnect does not work, the function verifySignature
returns false because of the $recid
;
There are wo tracks:
- The function is incorrect or does not support all possibilities/provide
- The javascript signature verification
web3.eth.personal.sign()
is incorrect or the data is not well encoded?
I managed to fix the issue which was actually on the back-end (verifySignature).
Solution:
Include php-ecrecover in your project
This needs the following version of CryptoCurrencyPHP (I did not tested the HEAD one)
Simply replace function verifySignature()
by:
function verifySignature($message, $signature, $address)
{
return $address == personal_ecRecover($message, $signature);
}
The personal_ecRecover
function is based on gmp and looks more efficient than the current public key recovery method which seems to have been developed only for MetaMask.
You might need to allow gmp extension in php.ini if not done