Skip to content
API Reference

WebAuthn Signers

Overview

The Web Authentication API contains a number of different credential types, including a credential with support for the P256 curve. This means that you can use WebAuthn-enabled authenticators like a Passkey or a Yubikey to sign transactions and arbitrary payloads.

By combining WebAuthn Signers with Account Abstraction, this means that Smart Contract Accounts can verify WebAuthn-P256 signatures with onchain arbitrary signature verification mechanisms such as EIP-1271: Signature Verification for Contracts.

Ox exports the WebAuthnP256 module, which contains utilities for working with a WebAuthn-P256 Signer.

Examples

Registering a WebAuthn Credential

A WebAuthn credential can be registered using the WebAuthnP256.createCredential function.

import { WebAuthnP256 } from 'ox'
 
const 
const credential: WebAuthnP256.P256Credential
credential = await WebAuthnP256.createCredential({ name: 'Example' })

Signing a Payload

Once we have a credential, we can use the WebAuthnP256.sign function to sign a challenge (payload).

import { WebAuthnP256 } from 'ox'
 
const credential = await WebAuthnP256.createCredential({ name: 'Example' })
 
const { metadata, signature } = await WebAuthnP256.sign({ 
  challenge: '0xdeadbeef', 
  credentialId: credential.id, 
})
 

const metadata: {
    authenticatorData: Hex;
    challengeIndex: number;
    clientDataJSON: string;
    typeIndex: number;
    userVerificationRequired: boolean;
}
metadata
 
 
 
 
 
 
 
 
 

const signature: {
    r: bigint;
    s: bigint;
    yParity?: number | undefined;
}
signature

Verifying a Signature

Signatures can be verified using the WebAuthnP256.verify function.

import { WebAuthnP256 } from 'ox'
 
const credential = await WebAuthnP256.createCredential({
  name: 'Example',
})
 
const { metadata, signature } = await WebAuthnP256.sign({
  credentialId: credential.id,
  challenge: '0xdeadbeef',
})
 
const verified = await WebAuthnP256.verify({ 
  metadata, 
  challenge: '0xdeadbeef', 
  publicKey: credential.publicKey, 
  signature, 
})

Related Modules

ModuleDescription
WebAuthnP256Utility functions for working with WebAuthn-P256 Signers.