SignatureVerificationStrategy

Overview

The SignatureVerificationStrategy validates Arweave transaction signatures to ensure data authenticity and ownership. This strategy provides cryptographic proof that the data was created by the claimed wallet address and hasn't been tampered with since signing.

Important

Verification methods require that the gateway being used has the relevant transaction data indexed locally. Gateways cannot proxy out verification requests to other sources, as this would compromise the security and reliability of the verification process. If a gateway doesn't have the required data indexed, verification will fail.

How It Works

  1. Fetch Metadata: Retrieve transaction metadata from trusted gateways
  2. Reconstruct Signature Data: Build the signature data using the received content
  3. Verify Signature: Validate the signature matches the claimed owner's public key
  4. Check Ownership: Confirm the transaction was signed by the claimed wallet
  5. Result: Pass or fail based on signature validation

Configuration

Basic Usage

import { SignatureVerificationStrategy } from '@ar.io/wayfinder-core'

const strategy = new SignatureVerificationStrategy({
  trustedGateways: [new URL('https://arweave.net')],
})

Advanced Configuration

const strategy = new SignatureVerificationStrategy({
  trustedGateways: [
    new URL('https://arweave.net'),
    new URL('https://permagate.io'),
  ],
  maxConcurrency: 2, // Process multiple requests concurrently
  logger: customLogger, // Optional custom logger
})

Parameters

← Swipe to see more →
ParameterTypeDefaultDescription
trustedGatewaysURL[]Required

Array of trusted gateway URLs for transaction metadata

maxConcurrencynumber1Maximum number of concurrent requests to gateways
loggerLoggerdefaultLoggerCustom logger instance for debugging
classifierDataClassifierGqlClassifier

Data classifier to determine transaction type (ANS-104 vs regular)

← Swipe to see more →

Integration Examples

With Wayfinder

import { Wayfinder, SignatureVerificationStrategy } from '@ar.io/wayfinder-core'

const wayfinder = new Wayfinder({
  gatewaysProvider: gatewaysProvider,
  verificationSettings: {
    enabled: true,
    strategy: new SignatureVerificationStrategy({
      trustedGateways: [new URL('https://arweave.net')],
    }),
    strict: true,
  },
})

// Verification happens automatically
const response = await wayfinder.request('ar://transaction-id')
const data = await response.text()

With Event Monitoring

const wayfinder = new Wayfinder({
  gatewaysProvider: gatewaysProvider,
  verificationSettings: {
    enabled: true,
    strategy: new SignatureVerificationStrategy({
      trustedGateways: [new URL('https://arweave.net')],
    }),
    events: {
      onVerificationSucceeded: (event) => {
        console.log('✅ Signature verification passed:', {
          txId: event.txId,
        })
      },
      onVerificationFailed: (error) => {
        console.error('❌ Signature verification failed:', {
          error: error.message,
        })
      },
    },
  },
})

Standalone Usage

const strategy = new SignatureVerificationStrategy({
  trustedGateways: [new URL('https://arweave.net')],
})

// Manual verification
try {
  await strategy.verifyData({
    data: dataBuffer,
    txId: 'transaction-id',
  })
  console.log('Signature verification passed!')
} catch (error) {
  console.error('Signature verification failed:', error.message)
}

Data Types Supported

The SignatureVerificationStrategy automatically handles two types of Arweave data:

ANS-104 Data Items

  • Bundled transactions (data items within bundles)
  • Uses ANS-104 signature verification
  • Supports nested data items

Regular Transactions

  • Standard Arweave transactions
  • Uses traditional Arweave signature verification
  • Direct transaction signatures

The strategy automatically classifies the transaction type and applies the appropriate verification method.

Use Cases

Content Authentication

Verify that content was created by a specific wallet:

const strategy = new SignatureVerificationStrategy({
  trustedGateways: [new URL('https://arweave.net')],
})

const wayfinder = new Wayfinder({
  gatewaysProvider: gatewaysProvider,
  verificationSettings: {
    enabled: true,
    strategy,
    strict: true, // Block unverified content
  },
})

Document Integrity

Verify legal or important documents:

const strategy = new SignatureVerificationStrategy({
  trustedGateways: [
    new URL('https://arweave.net'),
    new URL('https://permagate.io'),
  ],
  maxConcurrency: 2, // Use multiple gateways for reliability
})

Development vs Production

// Development - single gateway, more logging
const devStrategy = new SignatureVerificationStrategy({
  trustedGateways: [new URL('https://arweave.net')],
  logger: debugLogger,
})

// Production - multiple gateways for reliability
const prodStrategy = new SignatureVerificationStrategy({
  trustedGateways: [
    new URL('https://arweave.net'),
    new URL('https://permagate.io'),
  ],
  maxConcurrency: 2,
})

Best Practices

  1. Use Multiple Trusted Gateways: Increases reliability for transaction metadata
  2. Set Appropriate Concurrency: Balance between performance and gateway load
  3. Monitor Verification Events: Track success rates and failure reasons
  4. Handle Network Failures: Implement proper error handling for gateway requests
  5. Validate Transaction Format: Ensure transaction metadata is well-formed
  6. Use Reputable Gateways: Choose gateways with reliable transaction indexing

Comparison with Other Strategies

← Swipe to see more →
AspectSignature VerificationHash VerificationData Root Verification
SecurityVery HighHighHighest
PerformanceFastFastestSlower
ComplexityMediumLowHigh
Network OverheadMediumLowHigh
Ownership Verification✅ Yes❌ No❌ No
Best ForFinancial or legal documentsHigh-throughput applicationsProduction applications
← Swipe to see more →

The SignatureVerificationStrategy is ideal when you need to verify not just data integrity, but also the authenticity and ownership of the content. It provides cryptographic proof that the content was actually signed by the claimed wallet address.

Was this page helpful?