verifySIWS(message, signature, address)
verifySIWS is an async function that verifies a signature against a message and the signer’s address, and returns the parsed SiwsMessage if the signature is valid. It supports sr25519, ed25519 and ecdsa signatures, and is built on pure JavaScript cryptography (@noble / @scure) — no @polkadot/* dependency, no WASM initialization, and it runs in any JavaScript runtime (Node.js, browsers, edge runtimes like Cloudflare Workers).
// example usage
try {
const siwsMessage = await verifySIWS(message, signature, address)
console.log(siwsMessage.nonce)
} catch (e) {
// either not a valid SIWS message or signature mismatched
}
Parameters
message: The full message that was signed, in either human-readable or JSON format.signature: The signature produced by the wallet — hex string orUint8Array, raw or<Bytes>-wrapped.address: The address that claims to have signed the message.
Lower level: verifySignature
If you need to verify a raw signature without parsing a SIWS message, the underlying verifySignature(message, signature, address) is also exported. It returns a { isValid, crypto, publicKey } result instead of throwing, where crypto is the detected signature scheme.