Skip to content

Example and Tutorial for end to end signature flow - for intent based applications. #314

Description

@yellowBirdy

Feature description

A complete, canonical example of the signature flow.

The goal of this tutorial should be to provide a complete, executable example that can be followed by a third-party developer from start to finish.

Scope

  • Message construction.
  • Message serialization.
  • Message hashing.
  • Signature generation:
    • in the frontend / wallet.
    • in rust client
  • Signature transport and submission.
  • Signature verification
    • in rust client
    • inside the vm.
  • Handling invalid signatures.
  • Using successful verification to authorize an action.

Requirements

Canonical Message Format

Provide a simple but realistic message structure that can be used throughout the tutorial.

The purpose is not to define a standard intent format, but to establish a reproducible example for demonstrating signing and verification.

The exact fields are less important than ensuring the entire flow is deterministic and reproducible.

Canonical Serialization Format

Explicitly define:

  • field ordering
  • encoding format
  • integer representation
  • byte ordering
  • array handling
  • serialization boundaries

Message Hashing

Demonstrate:

  • how the message is transformed into a signing payload
  • which hash function is used
  • how the digest is represented
  • how the digest is passed into signing and verification logic

The exact intermediate values should be shown.

Frontend Signing Example

Provide a complete frontend example showing:

  • message construction
  • serialization
  • hashing
  • signature generation
  • extraction of the public key
  • resulting signature output

The example should be executable with minimal modification.

Contract Verification Example

Provide a complete MASM example showing:

  • receiving a message or digest
  • receiving a signature
  • receiving a public key
  • performing signature verification
  • handling success and failure cases
  • execute a simple action based on message content

The example should compile and execute without modification.

End-to-End Integration Test

Provide a runnable integration example demonstrating:

  • Construct message.
  • Serialize message.
  • Hash message.
  • Sign message.
  • Submit signature and payload.
  • Verify signature inside a contract.
  • Execute an authorized action.

The entire flow should be executable by a third-party developer without requiring protocol-level knowledge.

Security Considerations

The tutorial should explain:

  • what exactly is being signed
  • replay risks
  • message uniqueness requirements
  • recommended signing patterns
  • common implementation mistakes

The tutorial should serve as the canonical reference for signature-based authorization on Miden.

Why is this feature needed?

Currently, there is no end-to-end reference showing such a flow would be implemented in a realistic application.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Fields

    No fields configured for Feature.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions