Skip to main content

Function Signature

signMessage(params: {
  message: string;
  walletMetadata: WalletMetadata;
  password?: string;
  externalServerKeyShares?: ServerKeyShare[];
}): Promise<string>

Description

Signs a message using the EVM wallet identified by the supplied walletMetadata. The SDK is stateless — every call requires walletMetadata. If the wallet was created with backUpToDynamic: true, supply the password so the SDK can recover shares from backup when externalServerKeyShares is omitted.
When you pass externalServerKeyShares (the caller-supplied path), walletMetadata.externalServerKeySharesBackupInfo must also be present — signMessage throws if shares are supplied but backup metadata is missing. The full walletMetadata returned from createWalletAccount / importPrivateKey already includes it; identity-only metadata from fetchWalletMetadata will be rejected.

Parameters

Required Parameters

  • message (string) - The message to sign
  • walletMetadata (WalletMetadata) - Non-sensitive wallet metadata persisted from createWalletAccount() / importPrivateKey(). The wallet’s address comes from walletMetadata.accountAddress.

Optional Parameters

  • password (string) - Required if the wallet was created with backUpToDynamic: true. Used for backup decryption when externalServerKeyShares is not provided.
  • externalServerKeyShares (ServerKeyShare[]) - Caller-supplied plaintext shares. If omitted, the SDK recovers from backup using password.

Returns

  • Promise<string> - The serialized signature as a hex string

Example

import { authenticatedEvmClient } from './client';

const evmClient = await authenticatedEvmClient();

// Load the metadata + shares you persisted at creation time.
const walletMetadata = JSON.parse(await redis.get(`wallet:${accountAddress}`));
const externalServerKeyShares = await vault.read(`wallet:${accountAddress}/shares`);

const signature = await evmClient.signMessage({
  message: 'Hello, World!',
  walletMetadata,
  externalServerKeyShares,
  password: 'user-password',
});

console.log('Message signed:', signature);

Error Handling

try {
  const signature = await evmClient.signMessage({
    message: 'Hello world',
    walletMetadata,
    externalServerKeyShares,
    password: 'user-password',
  });
  console.log('Message signed successfully');
} catch (error) {
  console.error('Failed to sign message:', error);
}

Security Considerations

  • Message Validation: Always validate message content before signing
  • Key Share Security: Keep external server key shares secure
  • Session Management: Implement proper session management
  • Password Protection: Use strong passwords for wallet encryption