Information about message signing

Support
Support
  • Updated

What is message signing and why does Gamma use it?

When you log in with Gamma, we ask you to sign a message with your connected wallet address. This allows us to validate that you are the true owner of your wallet address, given that only you have permission to sign messages on your behalf.

This works like signing a bank check, where the bank verifies your signature against the signature block they have on file. Digital signatures from your wallet are much more tamper-proof than signature blocks at a bank because they are cryptographically secured; however, anyone with access to your seed phrase or private key will have the ability to sign messages on your behalf. This is why it's crucially important to never share your seed phrase with anyone, for any reason. Gamma will never ask you for your seed phrase; signing a message proves you have possession over your seed phrase without actually revealing it.

 

Levels of authentication on Gamma

  1. Anonymous: This means that you have not connected your wallet or signed a message. You will be able to browse the site, but you will not be able to broadcast transactions or use any of Gamma’s social features.
  2. Connected: This means that you have connected your wallet to Gamma.io but have not signed a message with that wallet to prove you are its true owner. While this is sufficient for communicating transactions back to your wallet for signing and broadcast (e.g. sign this transaction that states you are purchasing an NFT), it is not sufficient level of authentication to prove that you are an owner of the address, which is required to utilize Gamma’s social features. You will be prompted to sign a message as soon as you complete this step, so it's likely that you remain in the Connected state for a very brief period (or longer if you refuse to sign the message).
  3. Authenticated: This means that you have signed a message and Gamma has verified you as an owner of your address. Practically speaking, this means that you will be able to utilize Gamma’s social features. For your safety, we limit the Authenticated session length to a much shorter period than the Connected session length, so be mindful that you will be prompted to re-sign a message on a recurring basis – this is expected behavior.

 

What happens if I do not or cannot sign a message?

If you decline to sign a message or if your wallet does not support message signing, you'll still be able to perform basic marketplace functions on Gamma, such as buying, selling, or transferring NFTs.

These actions do not require us to first validate you have the authority to sign a message, given that you would only be able to successfully broadcast and have a transaction confirmed if you are indeed the owner of the connected wallet.

That said, for actions that do not occur "on-chain," for example, following other users, liking NFTs, setting your bio and profile picture, and other similar features, we cannot make the assumption that you are the true owner of the connected wallet without a signed message. These features will be disabled in the event that you decline or cannot sign a message.

 

How can I sign a message if I accidentally dismiss it?

If you are Connected, you will see operations that would otherwise require a signed message, but they will prompt you to sign a message if you engage with them. For example, if you click to follow a user while simply Connected, you will then be prompted to authenticate.

If you've accidentally dismissed or rejected a message signing prompt, simply attempt to edit your profile, follow a user, or favorite an NFT.

The easiest way to re-trigger the message is by simply disconnecting and reconnecting your wallet. After reconnecting, you'll again be prompted to sign the message.



Was this article helpful?

1 out of 2 found this helpful

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.