✨Works out of the box guarantee. If you face any issue at all, hit us up on Telegram and we will write the integration for you.
logoReclaim Protocol Docs
Javascript SDK

Verifying the proof

Critical step to make sure user is not trying to defraud your app

Why do I need to verify, when the proof has already been generated?

The proof generation is a client side operation. On Success Callback is only responsible for notifying when the proof is generated successfully. All the proofs generated should be verified on your backend as a malicious user can bypass any check you add on the frontend.

Verifying proofs is a very simple light weight operation. You can think of it as verifying the digital signatures to make sure the data is tamper resistant.

Quickstart

Setup the callback endpoint

This should be the endpoint that will be called by your onSuccess callback.

This endpoint should be of type POST.

Decode the proof object

const proofs = JSON.parse(decodedBody);

Verify the proof

import { verifyProof } from '@reclaimprotocol/js-sdk';
 
...
const isValid = await verifyProof(proofs);

Extract the data

Context

If you set contextAddress and contextMessage when building the request, you can get them back :

const {contextAddress, contextMessage} = JSON.parse(proofs[i].context);

Extacted Parameters

The data that was extracted from the webpage that the user logged in into, depending on what data was configured to be extracted using the provider you had set when building the request.

const { extractedParameters } = JSON.parse(proofs[i].context);

Sanity Check

TODO

Sample implementation in Next.js

TODO

Structure of proofs

{
 
        "identifier": "...",
 
        "claimData": {
 
          "provider": "...",
 
          "parameters": "...",
 
          "owner": "...",
 
          "timestampS": "...",
 
          "context": "{\n  \"contextAddress\": \"...\",\n  \"contextMessage\": \"...\",\n  \"extractedParameters\": {\n    \"pageTitle\": \"<pageTitle_value>\",\n    \"ianaLinkUrl\": \"<ianaLinkUrl_value>\"\n  },\n  \"providerHash\": \"...\"\n}",
 
          "identifier": "...",
 
          "epoch": "..."
 
        },
 
        "signatures": [
 
          "..."
 
        ],
 
        "witnesses": [
 
          {
 
            "id": "...",
 
            "url": "..."
 
          }
 
        ],
 
        "taskId": "'...' || null",
 
        "publicData": "{...} || null"
 
      }

Previous

Asking the user to generate the proof

Next

Getting Started

On this page