When verifying the SIWA message signature for Lute wallet, the process is more complex due to the transaction-based approach. Here's how it works:
The verification function receives the following parameters:
message: The original SIWA message
signature: The signature in base64 format
provider: The wallet provider (in this case, "Lute")
encodedTransaction: The encoded transaction in Base64 format
The verification process for Lute wallet:
if (provider === "Lute") {
if (!encodedTransaction) {
return false; // Lute requires an encoded transaction
}
try {
// Decode the transaction
const packTransaction = Buffer.from(encodedTransaction, "base64");
const decodedTransaction = algosdk.decodeSignedTransaction(packTransaction);
// Verify the signed transaction
const transactionResult = verifySignedTransaction(decodedTransaction);
if (!transactionResult) {
return false;
}
const { isValid: isTransactionValid, signature: txnSignature } = transactionResult;
// Check if the transaction signature matches the provided signature
const isSignatureValid = txnSignature === signature;
// The final result is true only if both the transaction is valid and the signatures match
return isTransactionValid && isSignatureValid;
} catch (error) {
return false; // Return false if any error occurs during verification
}
}
The verifySignedTransaction function is used to validate the transaction: