> ## Documentation Index
> Fetch the complete documentation index at: https://docs.phantom.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Signing messages

> Learn how to sign messages for authentication, verification, and other use cases with Phantom Server SDK

<Danger>
  The Server SDK is currently experimental and not ready for production use. Reach out to [partnerships@phantom.com](mailto:partnerships@phantom.com) for access.
</Danger>

## Overview

Message signing is a crucial feature for authentication, proof of ownership, and creating verifiable statements. This guide covers how to sign messages using the Phantom Server SDK.

The SDK provides a simple interface for signing messages:

```typescript theme={null}
const signature = await sdk.signMessage({
  walletId,      // The wallet to sign with
  message,       // The message to sign (string)
  networkId      // The network context
});
```

The signature returned is a base64-encoded string that can be verified using the wallet's public key.

## Basic message signing

### Simple example

```typescript theme={null}
import { ServerSDK, NetworkId } from '@phantom/server-sdk';

async function signAuthMessage(walletId: string) {
  const message = 'Please sign this message to authenticate with our service';

  const signature = await sdk.signMessage({
    walletId,
    message,
    networkId: NetworkId.SOLANA_MAINNET
  });

  console.log('Message:', message);
  console.log('Signature:', signature);
  
  return signature;
}
```

### Network-specific signing

Different networks use different signing algorithms:

```typescript theme={null}
// Solana - Ed25519 signatures

const solanaSignature = await sdk.signMessage({
  walletId, 
  message: 'Hello Solana',
  networkId: NetworkId.SOLANA_MAINNET
});

// Ethereum - ECDSA signatures (coming soon)
const ethSignature = await sdk.signMessage({
  walletId,
  message: '0x48656c6c6f20576f726c64', // Hex encoded message
  networkId: NetworkId.ETHEREUM_MAINNET
});
```

## Examples

### Timestamped messages

Sign messages with timestamps for audit trails:

```typescript theme={null}
async function signTimestampedMessage(
  walletId: string,
  action: string,
  data: any
) {
  const timestamp = new Date().toISOString();
  const message = JSON.stringify({
    action,
    data,
    timestamp,
    version: '1.0'
  });


  const signature = await sdk.signMessage({
    walletId,
    message,
    networkId: NetworkId.SOLANA_MAINNET
  });
  
  return {
    message,
    signature,
    timestamp
  };
}

// Example usage
const auditLog = await signTimestampedMessage(
  walletId,
  'TRANSFER_APPROVED',
  { to: recipientAddress, amount: '100 SOL' }
);
```

## Best practices

* Always include unique data in messages to prevent replay attacks (nonce, timestamp).
* Store message-signature pairs for audit and verification purposes.
* Use structured messages (JSON) for complex data that needs signing.
* Verify signatures server-side before processing any authenticated actions.

## Next steps

* [Learn about transaction signing](/sdks/server-sdk/signing-transactions)
* [Explore the complete API reference](/sdks/server-sdk/api-reference)
* [View example applications](https://github.com/phantom/phantom-connect-sdk/tree/main/examples/server-sdk-examples)

## Disclaimers

The Server SDK is a beta version, and Phantom will not be liable for any losses or damages suffered by you or your end users.
Any suggestions, enhancement requests, recommendations, or other feedback provided by you regarding the Server SDK will be the exclusive property of Phantom. By using this beta version and providing feedback, you agree to assign any rights in that feedback to Phantom.
