Skip to main content
The Server SDK is currently experimental and not ready for production use. Reach out to partnerships@phantom.com for access.

Overview

Message signing is a crucial feature for authentication, proof of ownership, and creating verifiable statements. This guide covers how to sign messages using the Phantom Server SDK. The SDK provides a simple interface for signing messages:
The signature returned is a base64-encoded string that can be verified using the wallet’s public key.

Basic message signing

Simple example

Network-specific signing

Different networks use different signing algorithms:

Examples

Timestamped messages

Sign messages with timestamps for audit trails:

Best practices

  • Always include unique data in messages to prevent replay attacks (nonce, timestamp).
  • Store message-signature pairs for audit and verification purposes.
  • Use structured messages (JSON) for complex data that needs signing.
  • Verify signatures server-side before processing any authenticated actions.

Next steps

Disclaimers

The Server SDK is a beta version, and Phantom will not be liable for any losses or damages suffered by you or your end users. Any suggestions, enhancement requests, recommendations, or other feedback provided by you regarding the Server SDK will be the exclusive property of Phantom. By using this beta version and providing feedback, you agree to assign any rights in that feedback to Phantom.