description
You can fetch the corresponding payload to verify the signature, to make sure it's signed by the account you expected to sign the payload.

Verify Payload signature

xumm.payload?.get('some-payload-uuid').then(payloadResult => { /**/ })

If you want the actual blob and signature for the user signed in with the Xumm OAuth2 flow:

Get the JWT contents
Get the payload from the JWT (that's the Sign In payload)
Get that payload with the SDK
Check the payload data, the response.hex property holds the signed TX Blob

xumm.on("success", async () => {
  const { payload_uuidv4 } = await xumm.environment.jwt
  const payloadResult = await xumm.payload?.get(payload_uuidv4)
  console.log(payloadResult)
})

Now you can verify the signature using the xrpl-verify-signature package, or using any native method capable of verifying XRP Ledger signatures:

{% embed url="https://www.npmjs.com/package/verify-xrpl-signature" %}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

verify-oauth2-signature.md

verify-oauth2-signature.md

Verify Payload signature

Files

verify-oauth2-signature.md

Latest commit

History

verify-oauth2-signature.md

File metadata and controls

Verify Payload signature