diff --git a/devcon-api/src/controllers/account.ts b/devcon-api/src/controllers/account.ts index 079225258..94d17dcde 100644 --- a/devcon-api/src/controllers/account.ts +++ b/devcon-api/src/controllers/account.ts @@ -497,15 +497,15 @@ async function LoginWeb3(req: Request, res: Response) { return res.status(400).send({ code: 400, message: 'No session token.' }) } - const address = req.body.address as string + const address = req.body.address as `0x${string}` const nonce = Number(req.body.nonce) const msg = req.body.msg as string - const signed = req.body.signed as string + const signed = req.body.signed as `0x${string}` if (!address || !msg || !signed || !nonce || isNaN(nonce)) { return res.status(400).send({ code: 400, message: 'Invalid input.' }) } - const validSignature = isValidSignature(address, msg, signed) + const validSignature = await isValidSignature(address, msg, signed) if (!validSignature) { return res.status(400).send({ code: 400, message: 'Invalid signature.' }) } diff --git a/devcon-api/src/utils/web3.ts b/devcon-api/src/utils/web3.ts index 986cb1fd9..860198bac 100644 --- a/devcon-api/src/utils/web3.ts +++ b/devcon-api/src/utils/web3.ts @@ -1,4 +1,3 @@ -import { ethers, verifyMessage } from 'ethers' import { createPublicClient, http } from 'viem' import { mainnet } from 'viem/chains' @@ -7,14 +6,9 @@ export const publicClient = createPublicClient({ transport: http(`https://mainnet.infura.io/v3/${process.env.INFURA_API_KEY}`), }) -export const isValidSignature = (address: string, message: string, signature: string): boolean => { +export const isValidSignature = async (address: `0x${string}`, message: string, signature: `0x${string}`): Promise => { try { - const recovered = verifyMessage(message, signature) - if (!recovered || ethers.getAddress(recovered) !== ethers.getAddress(address)) { - return false - } - - return true + return await publicClient.verifyMessage({ address, message, signature }) } catch (e) { return false }