To request a user to sign a message, call the signMessage method on the provider, passing it a message to sign.

const message = `Sign this message to authenticate.`;
const encodedMessage = new TextEncoder().encode(message);
const { signature } = await window.coinbaseSolana.signMessage(encodedMessage);

If the user successfully signs the message, the call returns a Promise for an object with the signature.

The message passed to the signMessage method must be a UTF-8 encoded string as a Uint8Array.

Verifying a message

You can verify the signature of a message by using a cryptographic library.

Below is an example that verifies a message using TweetNaCl.js:

import nacl fromtweetnacl

// Verify a message using the encoded message, signature, and public key.
const verified = nacl.sign.detached.verify(
        encodedMessage,
        signature,
        window.coinbaseSolana.publicKey.toBuffer()
);