Sign Message and Typed Data

Xellar's implementation of smart accounts follows the ERC1271 standard, allowing the smart account (a smart contract) to sign messages or typed data in a way that can be verified on-chain. Unlike Externally Owned Accounts (EOAs), smart accounts do not have a private key, so signatures must be crafted and validated using the isValidSignature function as defined by ERC1271. This process is distinct from signing user operations and enables dApps or other contracts to confirm that a message or typed data was "signed" by the smart account, even if the account is not yet activated.

Steps for Signing a Message or Typed Data

1. Request the Hash: When required to sign a message or typed data, the organization should first request the hash from the API.
2. Sign with the Account Owner's Private Key: Use the account owner's private key to sign the hash.
3. Build the Final Signature: Call the buildSignature API to receive the final valid signature.

Important Notes

• The signing process is available even if the account is not yet activated.
• Ensure that the correct private key is used for signing to avoid invalid signatures.
• The final signature must be built using the buildSignature endpoint to be recognized by the smart account.