I can verify signature when using metamask(standlone) .
The issue is that signature(from moralis user authData) cannot be verified if we use authenticate() method;
const user = await authenticate({ signingMessage: "Messagge" });
if ( user ) {
// verifySignature is mapped to PHP endpoint for verification
await verifySignature(
user.attributes.authData.moralisEth.data,
user.attributes.ethAddress,
user.attributes.authData.moralisEth.signature
);
}
PHP Side
try {
$messageLength = strlen($message);
$hash = Keccak::hash("\x19Ethereum Signed Message:\n{$messageLength}{$message}",256);
$sign = [
"r" => substr($signature, 2, 64),
"s" => substr($signature, 66, 64)
];
$recId = ord(hex2bin(substr($signature, 130, 2))) - 27;
if ($recId != ($recId & 1)) {
return false;
}
$publicKey = (new EC('secp256k1'))->recoverPubKey($hash, $sign, $recId);
$derivedAddress = self::pubKeyToAddress($publicKey);
//echo "\n public key : ";print_r( $publicKey);
echo "\n param address : ". strtolower($address);
echo "\n derived address : ". $derivedAddress;
return strtolower($derivedAddress) === strtolower($address);
} catch (Exception $e) {
print_r($e->getMessage() );
}