Verifying one or more signatures against an account's public key on the Flow blockchain

[kaylaatkrikey]

Should the method Fcl.signUserMessage("Your message to sign") return a signed message that returns true when passing it through the flow developer tool's JS library utility function AppUtils.verifyUserSignatures from https://developers.flow.com/tools/fcl-js/reference/user-signatures?

I am using 0.2.3 of the fcl-android library with the blocto app version 3.16.2 to connect and sign a user message. However, when passing the signed message through the fcl-js utility function AppUtils.verifyUserSignatures, the method returns false indicating its not valid. Is this a bug or is this portto fcl-android lirbrary not actually compatible with Flow developer tools or is there something I need to do before I pass off to verify the user signature?

[Doge-is-Dope]

The signatures created by the blocto app shall be verifiable by fcl-js. If you log the signatures on Android, you shall see the returning data includes two composite signatures. Then you may be able to verify the array of signatures by fcl-js using the following code as an example.

const fcl = require("@onflow/fcl");

// Configure fcl environment
fcl.config({
  "flow.network": "testnet",
  "accessNode.api": "https://rest-testnet.onflow.org",
});

// Make sure you put the keyIds and the signatures correctly
const isValid = await fcl.AppUtils.verifyUserSignatures(Buffer.from("Hello").toString("hex"), [
    {
      f_type: "CompositeSignature",
      f_vsn: "1.0.0",
      addr: "0x9a5c23b2ba5ccd05",
      keyId: 0,
      signature:
        "c93763af026fd5419c9d2b1465d61d2f0807fae3ca978fcfc674172bb2da88e066933731d58f8f2e651c9a6bbd919a02c6c6eb708eec733f44757f18d7c867f5",
    },
    {
      f_type: "CompositeSignature",
      f_vsn: "1.0.0",
      addr: "0x9a5c23b2ba5ccd05",
      keyId: 2,
      signature:
        "c87a23edb0c837c4413257d3909bce55b2d1d440256113020e9e869628f7c9a828dbdcd6c145d7283779c6e714556143851e4cf4d4568e9139894c37f7406ba4",
    },
  ]);

console.log(isValid);

[kaylaatkrikey]

I'm not receiving 2 composite signatures - only 1

                            val messageToSign = "Hello"
                            when (val result = Fcl.signUserMessage(messageToSign)) {
                                is Result.Success -> {
                                    val userSignatures = result.value // Returns only 1 composite signature - Not 2
                                    when (val result = Fcl.verifyUserSignatures(messageToSign.toByteArray().toHexString(), userSignatures)) {
                                        is Result.Success -> {
                                            val isValid = result.value // Returns false
                                        }
                                        is Result.Failure -> {
                                            // Handle error
                                        }
                                    }

[Doge-is-Dope]

If you have the corresponding Blocto app installed, you shall get 2 composite signatures returning from the wallet app.

• testnet → Blocto (Dev)
• mainnet → Blocto

Let me know if you can't navigate to Blocto app while signing a message.