Respond PoK

The RespondPoK method takes the following input parameters: the challenge ID (GUID), the response to the challenge (ECDSA signed “C”), and the address that signed the challenge. It validates whether the provided signature is a valid signature for the provided address. The results of the validation are stored in the ProofOfKeyChallenges table.

POST /POK/respond

Input Parameters

The RespondPoK method expects the following input parameters:

  • Challenge ID (GUID): The identifier of the challenge.
  • Response to the Challenge: The ECDSA signed representation of the challenge.
  • Address: The address that signed the challenge.
Return Parameters

The RespondPoK method returns the following parameters in the response: Result: A boolean value indicating whether the signature provided is valid for the provided address.

Sample Request
{
"challengeId": "789acf21-ef8d-4b7a-b2c5-76a8d9e0c123",
"signature": "0x627ea7a3e0d6a17b8a7c6d3e03256b52de457f942aa46a79ab84ef6d62e704c34038b3f4cc00a779c55f4549a91da30e1d3bca2590644b1edf1ad9a81028e1b1c",
"address": "0x1234567890abcdef1234567890abcdef12345678"
}
Sample Response
{
"result": true
}
Code sample
const challengeId = "789acf21-ef8d-4b7a-b2c5-76a8d9e0c123";
const address = "0x1234567890abcdef1234567890abcdef12345678";
const privateKey = 'yourPrivateKey';
const message = '0x124835ab146abe129946';
const messageHash = EthCrypto.hash.keccak256(message);
const signature = EthCrypto.sign(
  privateKey, // privateKey
  messageHash // hash of message
);
const response = await axios.post(`${apiUrl}/pok/respond`, {
  signature: signature,
  address: address,
  challengeId: challengeId
}, {
  headers: {
    'Authorization': `Bearer ${accessToken}` // your token,
    'Content-Type': 'application/json'
  }
});
console.log(response); //true or false
  • First, it defines the challengeId, address, message, and messageHash. The challengeId represents the unique identifier of the challenge. The address represents the address that signed the challenge. The message is the message to be signed, and messageHash is the hash of the message using the keccak256 hashing algorithm.

  • It then uses EthCrypto.sign() to generate the signature using the provided private key and the hash of the message.

  • The code then makes an asynchronous POST request using Axios, passing the signature, address, and challengeId as the request payload. It also sets the appropriate headers, including the authorization token and content type.

  • The response from the API is stored in the response variable, and it is logged to the console.

In summary, this code sample demonstrates how to sign a message using a private key, and then send a POST request to the /pok/respond endpoint to respond to a Proof of Key challenge with the generated signature, address, and challenge ID.