5

How to verify MetaMask account holder is the real owner of the address?

I recently saw this post and tried it immediately, unfortunately, I am not getting the right result from the server. I think it has something to do with the hashing algorithm sha3, but I am not sure. Could anyone please update the solution? Thank you!

Florian Pircher
  • 51
  • 1
  • 1
  • 2

4 Answers4

4

I think this is what you are asking for...

Using Web3.js 1.0 and Metamask:

Create a signature for a message:

var message = "Some string"
var hash = web3.utils.sha3(message)
var accounts = await web3.eth.getAccounts()
var signature = await web3.eth.personal.sign(hash, accounts[0])

Recover the address for a message + signature:

var hash = web3.utils.sha3(message)
var signing_address = await web3.eth.personal.ecRecover(hash, signature)

You should see that signing_address will match accounts[0] if you are using the same message and signature across the board.

Shawn Tabrizi
  • 8,008
  • 4
  • 19
  • 38
0

I have been into a similar issue and none of answers worked out of the box for me.

I have come up with a solution that was tested to work with MetaMask and WalletConnect. I have published a detail answer here: How to verify MetaMask account holder is the real owner of the address?

70ny
  • 231
  • 2
  • 6
0

metamask and web3 injected for recover an ethereum account by message and sign

var hashCodificado = web3.fromUtf8("Autentificacion en Plataforma")

        web3.personal.ecRecover(hashCodificado, "0x9b2d3a06ff7da90b629b18eaa56e150da522fa77d550d06be14049ee808ca3aa471af025c1aa40e5e11e3b42a0e033935da7b934059c1e6bebbc4f6h4486d7b51b", function (error, result) {
                if (error) alert("Necesitas identificarte para poder entrar al panel de usuario");
                if (result) {
                    alert("La cuenta que ha firmado la transaccion es: " + result)
                }
            });
Edgar hernandez wips
  • 1
0

Here's what works for me with MetaMask Version 7.1.1:

Signing a message:

var message = "Some string"
var hash = web3.sha3(message)
var account = web3.eth.accounts[0]

web3.personal.sign(hash, account, function(error, signature) {
    console.log(signature, error)
})

Getting the address of the signature:

var signature = "0x..."

var message_hash = web3.sha3(message)
web3.personal.ecRecover(message_hash, signature, function(error, signing_address) {
    console.log(signing_address, error);
})
2080
  • 191
  • 3