Skip to main content

Function Signature

delegatedSignMessage(
  client: DelegatedSvmWalletClient,
  params: {
    walletId: string;
    walletApiKey: string;
    keyShare: ServerKeyShare;
    message: string;
    isFormatted?: boolean;
  }
): Promise<string>

Description

Signs a message on behalf of a user who has granted delegation permission. This function requires delegation credentials (wallet ID, wallet API key, and key share) that are provided to your webhook endpoint when a user approves delegation. The function returns a base58-encoded Ed25519 signature, which is the standard signature format for Solana.

Parameters

Required Parameters

  • client (DelegatedSvmWalletClient) - The delegated client instance created with createDelegatedSvmWalletClient()
  • walletId (string) - The wallet ID from the delegation webhook
  • walletApiKey (string) - The wallet-specific API key from the delegation webhook
  • keyShare (ServerKeyShare) - The server key share from the delegation webhook
  • message (string) - The message to sign

Optional Parameters

  • isFormatted (boolean) - Whether the message is already formatted for signing. Defaults to false

Returns

Promise<string> - A base58-encoded Ed25519 signature

Example

Basic Message Signing

import { 
  createDelegatedSvmWalletClient,
  delegatedSignMessage 
} from '@dynamic-labs-wallet/node-svm';

const delegatedClient = createDelegatedSvmWalletClient({
  environmentId: 'your-environment-id',
  apiKey: 'your-server-api-key',
});

const signature = await delegatedSignMessage(delegatedClient, {
  walletId: 'wallet-id-from-webhook',
  walletApiKey: 'wallet-api-key-from-webhook',
  keyShare: keyShareFromWebhook,
  message: 'Hello, Solana!',
});

console.log('Signature:', signature);

With Formatted Message

const signature = await delegatedSignMessage(delegatedClient, {
  walletId: 'wallet-id-from-webhook',
  walletApiKey: 'wallet-api-key-from-webhook',
  keyShare: keyShareFromWebhook,
  message: 'Sign this message to authenticate',
  isFormatted: true,
});

Complete Example with Try-Catch

try {
  const signature = await delegatedSignMessage(delegatedClient, {
    walletId: credentials.walletId,
    walletApiKey: credentials.walletApiKey,
    keyShare: credentials.keyShare,
    message: 'Sign this to prove ownership',
  });
  
  console.log('Message signed successfully');
  return signature;
} catch (error) {
  console.error('Failed to sign message:', error);
  throw error;
}

Type Definitions

type ServerKeyShare = {
  pubkey: {
    pubkey: Uint8Array;
  };
  secretShare: string;
};

Common Use Cases

Authentication

async function authenticateUser(userId: string): Promise<string> {
  const credentials = await getDelegationCredentials(userId);
  const nonce = generateNonce();
  const message = `Authenticate with nonce: ${nonce}`;
  
  return await delegatedSignMessage(delegatedClient, {
    walletId: credentials.walletId,
    walletApiKey: credentials.walletApiKey,
    keyShare: credentials.keyShare,
    message,
  });
}

Proof of Ownership

async function signOwnershipProof(
  userId: string,
  resourceId: string
): Promise<string> {
  const credentials = await getDelegationCredentials(userId);
  const timestamp = Date.now();
  const message = `I own resource ${resourceId} at ${timestamp}`;
  
  return await delegatedSignMessage(delegatedClient, {
    walletId: credentials.walletId,
    walletApiKey: credentials.walletApiKey,
    keyShare: credentials.keyShare,
    message,
  });
}

Error Handling

The function throws an error if:
  • Any required parameter is missing or invalid
  • The delegation credentials are expired or revoked
  • The MPC signing operation fails
  • Network communication with Dynamic services fails
try {
  const signature = await delegatedSignMessage(delegatedClient, params);
} catch (error) {
  if (error.message.includes('key share')) {
    console.error('Invalid or expired delegation credentials');
  } else if (error.message.includes('wallet')) {
    console.error('Wallet not found or access denied');
  } else {
    console.error('Signing failed:', error);
  }
}

Security Considerations

  • Credential Validation: Always validate delegation credentials before using them
  • Message Validation: Validate message content to prevent signing malicious data
  • Audit Logging: Log all signing operations for security auditing
  • Credential Storage: Never log or expose wallet API keys or key shares
  • Rate Limiting: Implement rate limiting to prevent abuse