erc8128_verify_signature
Verify ERC-8128 HTTP message signatures by checking RFC 9421 validity, recovering Ethereum signer addresses, and validating expiry timestamps.
Instructions
Verify an ERC-8128 HTTP message signature. Checks RFC 9421 signature validity, recovers the signer's Ethereum address, and validates expiry.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| method | Yes | HTTP method | |
| url | Yes | Request URL | |
| headers | Yes | HTTP headers from the signed request | |
| signature_input | Yes | Signature-Input header value | |
| signature | Yes | Signature header value | |
| content_digest | No | Content-Digest header value |
Implementation Reference
- The handler logic for the erc8128_verify_signature tool, which formats the request and calls the backend API.
async (args) => { // Merge signature headers into the headers dict (REST API extracts from headers) const headers = { ...args.headers }; headers['signature-input'] = args.signature_input; headers['signature'] = args.signature; if (args.content_digest) headers['content-digest'] = args.content_digest; const requestBody: Record<string, unknown> = { method: args.method, url: args.url, headers, }; const result = await apiClient.post('/v1/erc8128/verify', requestBody); return toToolResult(result); }, - The input schema for the erc8128_verify_signature tool defining the required parameters.
{ method: z.enum(['GET', 'POST', 'PUT', 'DELETE', 'PATCH']).describe('HTTP method'), url: z.string().url().describe('Request URL'), headers: z.record(z.string()).describe('HTTP headers from the signed request'), signature_input: z.string().describe('Signature-Input header value'), signature: z.string().describe('Signature header value'), content_digest: z.string().optional().describe('Content-Digest header value'), }, - packages/mcp/src/tools/erc8128-verify-signature.ts:13-48 (registration)The registration function for the erc8128_verify_signature tool.
export function registerErc8128VerifySignature( server: McpServer, apiClient: ApiClient, walletContext?: WalletContext, ): void { server.tool( 'erc8128_verify_signature', withWalletPrefix( 'Verify an ERC-8128 HTTP message signature. Checks RFC 9421 signature validity, recovers the signer\'s Ethereum address, and validates expiry.', walletContext?.walletName, ), { method: z.enum(['GET', 'POST', 'PUT', 'DELETE', 'PATCH']).describe('HTTP method'), url: z.string().url().describe('Request URL'), headers: z.record(z.string()).describe('HTTP headers from the signed request'), signature_input: z.string().describe('Signature-Input header value'), signature: z.string().describe('Signature header value'), content_digest: z.string().optional().describe('Content-Digest header value'), }, async (args) => { // Merge signature headers into the headers dict (REST API extracts from headers) const headers = { ...args.headers }; headers['signature-input'] = args.signature_input; headers['signature'] = args.signature; if (args.content_digest) headers['content-digest'] = args.content_digest; const requestBody: Record<string, unknown> = { method: args.method, url: args.url, headers, }; const result = await apiClient.post('/v1/erc8128/verify', requestBody); return toToolResult(result); }, ); }