Message Signing
Last updated
Last updated
In order to submit a transaction to the Kima blockchain, the user must sign a message containing the transaction details. This message is signed by the user's wallet and then included in data submitted to the Kima Transaction Backend /submit
endpoint.
The message is a string that is signed by the user's wallet. It contains the following information:
Allowance amount: in whole tokens i.e. 10.23
not 10230000
Origin token symbol
Origin chain symbol: see the list of chain symbols in the section
Target address
Target chain symbol
Template:
Get the message to sign by calling the /submit/fees
endpoint and selecting the appropriate version based on whether the user is paying fees from the origin or target chain.
To sign the message, the user's wallet must be connected and the message must be passed to the wallet client sign function. The following is an example of how to sign the message on EVM chains using .
This signature will be passed to the options
param of the /submit
endpoint.
Signing a messge significantly improves security in the following ways:
The signature is cryptographically verifiable as coming from the user's wallet. This is proof that the user has authorized the transaction.
The transaction details cannot be modified without invalidating the signature. This prevents a "man in the middle" attack where the destination address is changed to the attacker's address.