Skip to content

Add SEP-53 arbitrary message signing support #828

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
tomerweller wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Add SEP-53 arbitrary message signing support #828

tomerweller wants to merge 1 commit into from

Conversation

@tomerweller
Copy link

@tomerweller tomerweller commented Dec 23, 2025

Summary

Implements SEP-53 (Stellar Arbitrary Message Signing) by adding two new methods to the Keypair class:

  • signMessage(message): Signs an arbitrary message by prepending the SEP-53 prefix "Stellar Signed Message:\n", hashing with SHA-256, and signing with the ed25519 key.

  • verifyMessage(message, signature): Verifies a SEP-53 signature by recomputing the hash and verifying against the public key.

Both methods accept string or Buffer inputs.

Use Cases

  • Proving account ownership without on-chain transactions
  • Off-chain attestations
  • Application-specific authentication
  • Wallet verification ("Connect Wallet" flows)

Implementation Details

  • Uses the existing hash() function from hashing.js for SHA-256
  • Uses the existing sign() and verify() primitives from signing.js
  • Compatible with SEP-53 implementations in other SDKs (Python, Java, Freighter)

Example Usage

import { Keypair } from '@stellar/stellar-base';

// Sign a message
const kp = Keypair.fromSecret('SAKICEVQLYWGSOJS4WW7HZJWAHZVEEBS527LHK5V4MLJALYKICQCJXMW');
const signature = kp.signMessage('Hello, World!');

// Verify a signature
const publicKp = Keypair.fromPublicKey('GBXFXNDLV4LSWA4VB7YIL5GBD7BVNR22SGBTDKMO2SBZZHDXSKZYCP7L');
const isValid = publicKp.verifyMessage('Hello, World!', signature);

Closes #827

Test plan

  • Added comprehensive tests for signMessage and verifyMessage
  • Verified against SEP-53 test vectors from the specification
  • Tests cover edge cases: empty messages, unicode, long messages, binary data
  • Tests verify rejection of invalid signatures and wrong signers
  • All 1132 tests pass (Node.js + browser environments)

🤖 Generated with Claude Code

@claude
Add SEP-53 arbitrary message signing support
ba75e97 
Implements SEP-53 (Stellar Arbitrary Message Signing) by adding two new
methods to the Keypair class:

- `signMessage(message)`: Signs an arbitrary message by prepending the
  SEP-53 prefix "Stellar Signed Message:\n", hashing with SHA-256, and
  signing with the ed25519 key.

- `verifyMessage(message, signature)`: Verifies a SEP-53 signature by
  recomputing the hash and verifying against the public key.

Both methods accept string or Buffer inputs, enabling use cases like:
- Proving account ownership
- Off-chain attestations
- Application-specific authentication

Includes comprehensive tests with SEP-53 test vectors and TypeScript
type definitions.

Closes stellar#827

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Feature Request: Add SEP-53 message signing and verification to Keypair

1 participant

@tomerweller