Why signing is required.

Similar to signing transactions in EVM-compatible wallets, signing in the ARTM specification verifies the identity of the address making the updates, ensuring that the message comes from the legitimate wallet owner.

The inclusion of a nonce in the message, which is also signed, prevents replay attacks. Each message is unique, and reuse of the nonce would be detected, ensuring that the same message cannot be maliciously resent.

Steps to sign an ARTM message

import {
  useGetARTM,
  useSignAndSubmitTransaction,
} from '@futureverse/asset-register-react/v2'
import { useEffect, useState } from 'react'

const operations = [
  {
    type: 'asset-link',
    action: 'create',
    args: [
      'equipWith_asmBrain',
      'did:fv-asset:1:evm:0x6bca6de2dbdc4e0d41f7273011785ea16ba47182:1000',
      'did:fv-asset:1:evm:0x1ea66a857de297471bc12dd12d93853ff6617284:21',
    ],
  },
]

export const ARTMSubmit = () => {
  // Step 1: Get signer
  // useSigner is getting signer from `await (new providers.Web3Provider(window.ethereum)).getSigner()`
  const signer = useSigner() 
  const [address, setAddress] = useState<string>()
  useEffect(() => {
    if (!signer) {
      return
    }
    signer.getAddress().then((_address) => setAddress(_address))
  }, [signer])

  // Step 2: Get the ARTM object
  const {
    artm,
    reactQuery: { refetch: getARTM },
  } = useGetARTM(
    {
      address,
      operations,
    },
    { enabled: false },
  )

  // Step3: Sign ARTM and sumbit transaction
  const { submitAsync, transaction } = useSignAndSubmitTransaction()
  const submitARTM = async () => {
    const { data: artm } = await getARTM()
    if (!artm) {
      return
    }
    return submitAsync({ artm, check })
  }

  return (
     <div>{`transactionHash: ${artm.transactionHash}`}</div>
  )
}

Was this page helpful?