Hey, looking for help validating a Hive signature in PHP
Hey, I’m following @brianoflondon ’s example and posting for some help. I’m trying to do almost exactly what he did in Python, but validate a Hive signature using PHP.
Brian did it here in Python, using the beempy library:
I’m building some new WordPress plugins that interact with Hive for a new project, InnerWebBlueprint.com (IWB for short). I’ll write some more about that when it’s a bit more complete… In the meantime,.
This first plugin is a Single Sign On (SSO) plugin that allows a user to login to WordPress with just their Hive account.
It's actually working!!! You can try it out here:
https://www.innerwebblueprint.com/wp-login.php
Code here:
https://www.innerwebblueprint.com/go/github/github-iwb-hive-wp-sso/
direct:
https://github.com/innerwebblueprint/iwb-hive-wp-sso
But... I’m having to do the signature verification in python which requires a specific python library, beempy. I haven’t figured out how to do it in PHP yet, so this plugin, as it is, won’t work without python and that python library.
Obviously this is not ideal for ‘general use’ as installing python libraries is not a trivial task for most people who run a WordPress site. It’s highly unlikely that any general hosting will have these libraries available.
I’d really like to be able to verify this signature in PHP, so this WordPress plugin can be used more widely, without having to use python and the beempy library.
Elliptic curve stuff is like level 9+ nerd, and I’m still only level 4 and I’m having trouble figuring out how to do it! I’ve pulled some examples from other plugins that do this kind of thing with ETH, but I’m still kinda lost.
These two functions look like they are doing what I want to do, but it’s honestly still a little ‘greek’ to me. Hoping for some help. I’m not even sure I’m barking up the right tree here? I’ve been told by some that it currently can’t be done? That doesn’t seem right to me though.
function verify_signature($message, $signature, $address) {
$msglen = strlen($message);
$hash = Keccak::hash("\x19Ethereum Signed Message:\n{$msglen}{$message}", 256);
$sign = ["r" => substr($signature, 2, 64),
"s" => substr($signature, 66, 64)];
$recid = ord(hex2bin(substr($signature, 130, 2))) - 27;
if ($recid != ($recid & 1)){
return 0;
}
$ec = new EC('secp256k1');
$pubkey = $ec->recoverPubKey($hash, $sign, $recid);
return $address == $this->pub_key_to_address($pubkey);
}
function pub_key_to_address($pubkey) {
return "0x" . substr(Keccak::hash(substr(hex2bin($pubkey->encode("hex")), 1), 256), 24);
}
Any experts out there that can lend some examples? Or point me in the right direction? The one plugin I found includes the Elliptic and Keccak libraries
https://github.com/simplito/elliptic-php
https://github.com/kornrunner/php-keccak
use Elliptic\EC;
use kornrunner\Keccak;
But I’ve still got lots to learn. I’m really lost on the hashing, encoding, hexing, helixifying, and how to work with all that stuff. I have lots to learn when it comes to all that kind of stuff. It makes my brain hurt LOL!
I sorta settled with the python route to get this plugin working for now, because beempy is super easy to work with, and this plugin is originally designed to be used with a Docker image for my IWB project that already includes everything required.
I’m building this for a specific use case for my IWB project to connect a bunch of self hosted wordpress websites together using Hive as a shared reference point (user accounts in this case).
But if I can verify the signature in php with libraries I can just include, this plugin can be much more widely available, and used by any self hosted WordPress website. Not really sure how many people would be interested in that? But it seemed like a good thing.
Any direction, help, or examples you can throw my way would be great! Even if that’s just a good recommendation for books or courses on understanding all this elliptic curve stuff!
Thanks!
Oh, p.s. @brianoflondo thanks again for showing your work online, it’s been very helpful, very much appreciate it.
Keep up the great work bro
Thanks for the support and the Hive delegation @hiro-hive! Very much appreciate it!
This is a one-time notice from SCHOOL OF MINNOWS, a free value added service on hive.
Getting started on hive can be super hard on these social platforms 😪 but luckily there is some communities that help support the little guy 😊, you might like school of minnows, we join forces with lots of other small accounts to help each other grow!
Finally a good curation trail that helps its users achieve rapid growth, its fun on a bun! check it out. https://plu.sh/somland/
Congratulations @innerwebbp! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s):
Your next target is to reach 100 upvotes.
You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOPCheck out the last post from @hivebuzz:
Support the HiveBuzz project. Vote for our proposal!
Hi @innerwebbp! This is @proteancreator from @ocd (Original Content Decentralized) team 😄. We saw that you already posted your first blog here in Hive! Congratulations and welcome! I'm glad you're already starting to write about coding and web development problems.
Anyways, I don't know if you're aware but the best way to start your journey here in Hive is do an awesome ✨introduction post✨. You can choose on whatever information you would like to share and be creative as you want to be. This will help other Hivers get to know you and be comfortable supporting your works here.
It's also best to subscribe to Communities you like and share your blogs there to have a wider range of audience. Or you can check out the Communities Incubation Program.
Also, letting you know since content on the Hive platform is monetized, using other people’s ideas or images could be considered as an offense and which is also viewed in a serious light on the blockchain. Here is a useful collection of resources about how plagiarism and abuse is viewed and handled on Hive.
If you are looking for tips and information as a Hive newbie, click here: Newbie guide. If you have questions, you can hop into Discord server and we'll gladly answer your questions. Feel free to tag @lovesniper @proteancreator once you have made your awesome ✨introduction post✨! See you around 😉.