Dfns API Documentation
  • 👋Welcome
  • Getting Started
    • Onboarding to Dfns
    • Dfns Environments
    • Core API Objects
    • Supported Assets
    • Postman
    • Dfns SDKs
    • Dashboard Videos
  • API Docs
    • Introduction
    • Authentication
      • Delegated Authentication
        • Delegated Registration
        • Delegated Registration Restart
        • Delegated Login
      • User Action Signing
        • Create User Action Signature Challenge
        • Create User Action Signature
      • Registration
        • Create User Registration Challenge
        • Complete User Registration
        • Complete End User Registration with Wallets
        • Resend Registration Code
        • Social Registration
      • Login
        • Create User Login Challenge
        • Complete User Login
        • Social Login
        • Logout
        • Send Login Code
      • Users
        • List Users
        • Create User
        • Get User
        • Activate User
        • Deactivate User
        • Archive User
      • Service Accounts
        • List Service Accounts
        • Create Service Account
        • Get Service Account
        • Update Service Account
        • Activate Service Account
        • Deactivate Service Account
        • Archive Service Account
      • Applications
        • List Applications
        • Create Application
        • Create Server-Signed Application
        • Get Application
        • Update Application
        • Activate Application
        • Deactivate Application
        • Archive Application
      • Personal Access Tokens
        • List Personal Access Tokens
        • Create Personal Access Token
        • Get Personal Access Token
        • Update Personal Access Token
        • Activate Personal Access Token
        • Deactivate Personal Access Token
        • Archive Personal Access Token
      • Credentials
        • Credentials Overview
        • API Reference
          • Create Credential Code
          • Create Credential Challenge
          • Create Credential Challenge With Code
          • Create Credential
          • Create Credential With Code
          • Deactivate Credential
          • Activate Credential
          • List Credentials
      • Recovery
        • Send Recovery Code Email
        • Create Recovery Challenge
        • Create Delegated Recovery Challenge
        • Recover User
    • Wallets
      • Create Wallet
      • Update Wallet
      • Delete Wallet
      • [deprecated] Delegate Wallet
      • Get Wallet by ID
      • List Wallets
      • Get Wallet Assets
      • Get Wallet NFTs
      • Get Wallet History
      • Tag Wallet
      • Untag Wallet
      • Transfer Asset
      • Get Transfer Request by ID
      • List Transfer Requests
      • Sign and Broadcast Transaction
        • Algorand
        • Aptos
        • Bitcoin / Litecoin
        • Canton
        • Cardano
        • EVM
        • Solana
        • Stellar
        • Tezos
        • TRON
        • XRP Ledger (Ripple)
      • Get Transaction Request by ID
      • List Transaction Requests
      • [deprecated] Generate Signature
      • Advanced Wallet APIs
        • Import Wallet
        • [deprecated] Export Wallet
    • Fee Sponsors
      • Create Fee Sponsor
      • Get Fee Sponsor
      • List Fee Sponsors
      • Activate Fee Sponsor
      • Deactivate Fee Sponsor
      • Delete Fee Sponsor
      • List Sponsored Fees
    • Keys
      • Create Key
      • Update Key
      • Delete Key
      • Delegate Key
      • Get Key by ID
      • List Keys
      • Generate Signature
        • Algorand
        • Aptos
        • Bitcoin / Litecoin
        • Cardano
        • Cosmos Appchain
        • EVM
        • Solana
        • Stellar
        • Substrate (Polkadot)
        • Tezos
        • TON
        • TRON
        • XRP Ledger (Ripple)
      • Get Signature Request by ID
      • List Signature Requests
      • Advanced Key APIs
        • Import Key
        • Export Key
        • Deterministic Derivation
    • Networks
      • Estimate fees
      • Read Contract
      • Validators
        • Create Validator
        • List Validators
    • Policy Engine
      • Policies Overview
      • API Reference
        • Create Policy
        • Get Policy
        • List Policies
        • Update Policy
        • Archive Policy
        • Get Approval
        • List Approvals
        • Create Approval Decision
    • Permissions
      • Permissions Overview
      • API Reference
        • Get Permission
        • List Permissions
        • Create Permission
        • Update Permission
        • Archive Permission
        • Assign Permission
        • Revoke Permission
        • List Permission Assignments
    • Webhooks
      • Create Webhook
      • Get Webhook
      • List Webhooks
      • Update Webhook
      • Delete Webhook
      • Ping Webhook
      • Get Webhook Event
      • List Webhook Events
    • Dfns Change Log
    • API Errors
  • Integrations
    • Exchanges
      • Kraken
      • Binance
      • Coinbase Prime
      • API Reference
        • Create Exchange
        • List Exchanges
        • Get Exchange
        • Delete Exchange
        • List Exchange Accounts
        • List Exchange Account Assets
        • Create Exchange Deposit
        • Create Exchange Withdrawal
    • AML / KYT
      • Chainalysis
    • Staking
      • API Reference
        • Create Stake
        • Create Stake Action
        • List Stakes
        • List Stake Actions
        • get Rewards
    • Fiat On/Off-Ramps
    • Account Abstraction on EVMs
  • Advanced Topics
    • Authentication
      • API Authentication
      • Request Headers
      • Credentials
        • Generate a Key Pair
        • User Credentials
        • Access Token Credentials
        • Storing WebAuthn Credentials in Password Managers
      • Request Signing
      • API objects
    • Delegated Signing
    • API Idempotency
    • FAQ
  • Guides
    • Passkey Settings - Migration guide
    • Keys & Multichain - Migration Guide
Powered by GitBook
On this page
  • Required Permissions
  • Parameters
  • Path parameters
  • Request Body
  • Hash
  • Message
  • Chain Dependent Formats
  • Response Body
  • 200 Success
  1. API Docs
  2. Keys

Generate Signature

Last updated 1 month ago

POST /keys/{keyId}/signatures

Request to generate a signature with the key. This process does not broadcast anything on-chain, this is just an off-chain signature request.

Dfns is compatible with any blockchain that uses a supported . If Dfns doesn't officially integrate with a blockchain, you can use hash signing to generate the signatures to interact with the chain.

  • User action signature required. See for more information.

  • Request headers required. See for more information.

  • Authentication required. See for more information.

Required Permissions

Name
Conditions

Keys:Signatures:Create

Always Required

Parameters

Path parameters

Path parameter
Description

keyId

Unique identifier of the key.

Request Body

Hash

All cryptographic scheme support hash signing. Different blockchains will apply different hash functions to compute the hash.

Field
Description
Type - Optional

kind

Hash

String

hash

32-byte hash in hex encoded format.

String

taprootMerkleRoot

Required when signing with a Schnorr key. Specify the merkle root for tweaking the signing key, or the empty string "" to tweak with the default merkle root.

String

ECDSA and EdDSA Example

{
  "kind": "Hash",
  "hash": "0x031edd7d41651593c5fe5c006fa5752b37fddff7bc4e843aa6af0c950f4b9406"
}

Schnorr Example

{
  "kind": "Hash",
  "hash": "0x031edd7d41651593c5fe5c006fa5752b37fddff7bc4e843aa6af0c950f4b9406",
  "taprootMerkleRoot": ""
}

Message

In addition to the Hash method shown above, EdDSA keys also support signing arbitrary length Message payload longer than 32 bytes.

Field
Description
Type - Optional

kind

Message

String

message

Hex encoded message.

String

EdDSA Example

{
  "kind": "Message",
  "message": "0x01000507a824baef8cad745bb58148551728d245d6fc21679d1b8f3bbf6abed957f614719dca9b4fcc2b6a68aab9ef37b4db8dc5e99d2d803b577cc61c042453ddd525a6d215d4421860fc0e4a48255b2a6781a494e7ee3f055eeeda2233b590a07b6a2806a1d8179137542a983437bdfe2a7ab2557f535c8a78722b68a49dc00000000006a1d817a502050b680791e6ce6db88e1e5b7150f61fc6790a4eb4d10000000006a7d51718c774c928566398691d5eb68b5eb8a39b4b6d5c73555b210000000006a7d517193584d0feed9bb3431d13206be544281b57b8566cc5375ff40000001abbca65c30117367204561151b7660a672b5fc9fe3d2780d130ea30be604eea0103060102050604000402000000"
}

Chain Dependent Formats

Keys can also be used to sign more specific formats for different blockchains. See the available supported options by expanding this section in the left hand navigation.

Response Body

Field
Description
Type - Optional

id

ID of the signature request.

String

keyId

ID of the signing key.

String

requester.userId

ID of the user made the signature request.

String

requester.tokenId

ID of the token used to make the signature request.

String (optional)

requester.appId

Application ID used to make the signature request.

String (optional)

requestBody

The original request body.

Object

dateRequested

String

status

The current status of the request. See table below for a list of possible statuses.

String

signature

After successful signing, the signature separated into r, s, and recid. When signing a serialized transaction, encoded contains the complete signature formatted for the target blockchain.

Signature (optional)

signatures

When one request produces multiple signatures, for example signing a PSBT.

Array<Signature> (optional)

signedData

Serialized signed transaction with encoded signature when signing a transaction.

String (optional)

dateSigned

String (optional)

approvalId

ID of the approval when the request triggered a policy.

String (optional)

datePolicyResolved

String (optional)

reason

The failure reason if the request failed to complete.

String (optional)

txHash

The transaction hash if the signature is found on chain.

String (optional)

fee

The transaction fee.

String (optional)

network

The network of the transaction.

String (optional)

dateConfirmed

String (optional)

Request Statuses

Status
Definition

Pending

Executing

The request is approved and is in the process of being signed. Note this status is only set for a short time between pending and signed

Signed

The signature is complete and available in the response body.

Confirmed

The signature has been confirmed on-chain by our indexing pipeline.

Failed

Indicates an internal system failure to complete the request.

Rejected

The request has been rejected by a policy approval action.

200 Success

{
  "id": "sig-2ouaj-f4nq6-xxxxxxxxxxxxxxxx",
  "keyId": "key-1f04s-lqc9q-xxxxxxxxxxxxxxxx",
  "requester": {
    "userId": "us-3v1ag-v6b36-xxxxxxxxxxxxxxxx",
    "tokenId": "to-7mkkj-c831n-xxxxxxxxxxxxxxxx",
    "appId": "ap-24vva-92s32-xxxxxxxxxxxxxxxx"
  },
  "requestBody": {
    "kind": "Hash",
    "hash": "0x031edd7d41651593c5fe5c006fa5752b37fddff7bc4e843aa6af0c950f4b9406"
  },
  "status": "Signed",
  "signature": {
    "r": "0x05e365d4304eaa78516eb309bff91f8c12e5445a431e3f2428239678d0150c6c",
    "s": "0x47e0765c439fb42d57767910865d240964b7b09f2b2f74d8f14a63da7ce5a1fe",
    "recid": 0
  },
  "dateRequested": "2023-05-15T20:21:11.576Z",
  "dateSigned": "2024-01-10T19:07:40.533Z"
}

date string when the request was made.

date string when request was signed.

date string when the triggered policy was either approved or denied.

date string when the transaction was confirmed on chain.

The request is pending approval due to a to the wallet.

ISO 8601
ISO 8601
ISO 8601
ISO 8601
policy applied
User Action Signing
Request Headers
Authentication Headers
key format