Signing
TON data signatures are commonly used for off-chain verification, login proof, and contract-related authorization. Please ensure that the data structure, schema, and challenge values are generated by the application backend and can be verified before signing.
Sign arbitrary data
Use signData to request a user-signed Base64 encoded cell:
const callResult = await provider.send({
method: "signData",
id: Date.now().toString(),
requestParams: [
JSON.stringify({
schema_crc: 0, // Note: Custom schema identifier
cell: cellBoc.toString("base64"), // Note: Base64 encoded cell to be signed
}),
],
});
if ("callResult" in callResult) {
console.log("Generated signature:", callResult.callResult.signature); // Note: Base64 signature
console.log("Recorded timestamp:", callResult.callResult.timestamp); // Note: UNIX timestamp
}
Proof of signature (authentication)
In login scenarios, request ton_proof when connecting and put the challenge generated by the server into the payload:
const connectEvent = await provider.connect(2, {
manifestUrl: "https://sampleapp.example/tonconnect-manifest.json",
items: [
{ name: "ton_addr" },
{
name: "ton_proof",
payload: "server-issued-demo-challenge", // Note: Nonce for anti-replay
},
],
});
if (connectEvent.event === "connect") {
const proofItem = connectEvent.payload.items.find(
(i) => i.name === "ton_proof",
);
if (proofItem) {
// Send the proof to your backend for verification
const proof = proofItem.proof;
console.log({
signature: proof.signature,
timestamp: proof.timestamp,
domain: proof.domain,
payload: proof.payload,
});
}
}
Handle Errors
const callResult = await provider.send({
method: "sendTransaction",
id: Date.now().toString(),
requestParams: [
/* remaining fields omitted */
],
});
if ("error" in callResult) {
switch (callResult.error.code) {
case 300:
console.log("The transaction was declined by the user");
break;
case 1:
console.log("Request error - review the parameters");
break;
case 400:
console.log("This method is not supported");
break;
default:
console.error("Operation error:", callResult.error.message);
}
} else {
console.log("Successful callResult:", callResult.callResult);
}
error code
| Code | Details |
|---|---|
| 0 | unknown error |
| 1 | Request payload error |
| 100 | Unrecognized application |
| 300 | User rejected the request |
| 400 | Action is unavailable |