Skip to main content

Function Signature

verifyPassword(params: {
  accountAddress: string;
  walletMetadata: WalletMetadata;
  password?: string;
}): Promise<void>

Description

Verifies that the supplied password correctly decrypts the wallet’s backup. Throws if the password is wrong or the cached metadata is stale (couldn’t recover a share to verify against). If the wallet does not require a password for the current operation, the call returns silently without verifying.

Parameters

Required Parameters

  • accountAddress (string) - The wallet address (must include 0x prefix). Must match walletMetadata.accountAddress.
  • walletMetadata (WalletMetadata) - The cached metadata for this wallet. Must include externalServerKeySharesBackupInfo.

Optional Parameters

  • password (string) - The password to verify. If the wallet is password-encrypted and no password is provided, throws "Password is required for operation but not provided".

Returns

  • Promise<void> - Resolves if the password is correct (or no password was needed). Throws otherwise.

Example

import { authenticatedEvmClient } from './client';

const evmClient = await authenticatedEvmClient();

const walletMetadata = JSON.parse(await redis.get(`wallet:${accountAddress}`));

await evmClient.verifyPassword({
  accountAddress,
  walletMetadata,
  password: 'user-password',
});

console.log('Password verified successfully');

Error Handling

The error message distinguishes wrong-password from stale-metadata to help diagnose: 
try {
  await evmClient.verifyPassword({ accountAddress, walletMetadata, password });
  console.log('Password verified');
} catch (error) {
  if (error.message.includes('Failed to verify password')) {
    // Either the password is incorrect, or the cached
    // walletMetadata.externalServerKeySharesBackupInfo is stale
    // (merge backupInfo from updatePassword/refresh/reshare into cache).
    console.error(error.message);
  } else {
    console.error('Unexpected error:', error);
  }
}