如何验证交易是否由 NEAR 协议中的给定帐户 ID 签名?
How to verify that a transaction was signed by a given account ID in NEAR protocol?
我有一个已签名的交易,我想验证它是由 NEAR 上存在的帐户 ID 签名的。
问题有三层:
- 检查交易哈希。用 Borsh 序列化交易并计算 sha256,它应该匹配 transaction.hash.
验证签名对于给定的 public 密钥是否有效。使用可以验证给定签名类型的任何可用工具。 Python里面有ed25519包,所以这里举例:
import ed25519
import base58
transaction = {
"hash": "EzvvJEqdxKA62oAjG32y5herDtRGYEdmZXHDDyxorJ48",
"public_key": "ed25519:oNCFEmRotRHTySKqmAwifNZ8VRpYS973p8cL61y7eiE",
"signature": "ed25519:46WsywQYe31isWcHASrnR2pYCja4Mtjzs4n87isrTHWyDdX5uwrUaUn4SbhY9BMwWKvWwdcuyCjMsXdkXdPJv8ko",
}
pk_bytes = base58.b58decode(transaction['public_key'][len('ed25519:'):])
pk = ed25519.VerifyingKey(pk_bytes)
# OK:
pk.verify(
sig=base58.b58decode(transaction['signature'][len('ed25519:'):]),
msg=base58.b58decode(transaction['hash'])
)
# Exception BadSignatureError:
pk.verify(
sig=base58.b58decode('66666666' + transaction['signature'][len('ed25519:') + 8:]),
msg=base58.b58decode(transaction['hash'])
)
使用 near-shell、near-api-* 或原始 RPC 调用检查给定帐户 ID 的密钥是否存在:
$ http post https://rpc.nearprotocol.com method=query params:='["access_key/test/ed25519:oNCFEmRotRHTySKqmAwifNZ8VRpYS973p8cL61y7eiE", ""]' id=123 jsonrpc=2.0
{
...
"result": {
"block_height": 3297678,
"nonce": 10493,
"permission": "FullAccess"
}
}
我有一个已签名的交易,我想验证它是由 NEAR 上存在的帐户 ID 签名的。
问题有三层:
- 检查交易哈希。用 Borsh 序列化交易并计算 sha256,它应该匹配 transaction.hash.
验证签名对于给定的 public 密钥是否有效。使用可以验证给定签名类型的任何可用工具。 Python里面有
ed25519包,所以这里举例:import ed25519 import base58 transaction = { "hash": "EzvvJEqdxKA62oAjG32y5herDtRGYEdmZXHDDyxorJ48", "public_key": "ed25519:oNCFEmRotRHTySKqmAwifNZ8VRpYS973p8cL61y7eiE", "signature": "ed25519:46WsywQYe31isWcHASrnR2pYCja4Mtjzs4n87isrTHWyDdX5uwrUaUn4SbhY9BMwWKvWwdcuyCjMsXdkXdPJv8ko", } pk_bytes = base58.b58decode(transaction['public_key'][len('ed25519:'):]) pk = ed25519.VerifyingKey(pk_bytes) # OK: pk.verify( sig=base58.b58decode(transaction['signature'][len('ed25519:'):]), msg=base58.b58decode(transaction['hash']) ) # Exception BadSignatureError: pk.verify( sig=base58.b58decode('66666666' + transaction['signature'][len('ed25519:') + 8:]), msg=base58.b58decode(transaction['hash']) )使用 near-shell、near-api-* 或原始 RPC 调用检查给定帐户 ID 的密钥是否存在:
$ http post https://rpc.nearprotocol.com method=query params:='["access_key/test/ed25519:oNCFEmRotRHTySKqmAwifNZ8VRpYS973p8cL61y7eiE", ""]' id=123 jsonrpc=2.0 { ... "result": { "block_height": 3297678, "nonce": 10493, "permission": "FullAccess" } }