Skip to content

Signing Operations String


The operations (ops) string is the only method of creating or updating an asset. For reference on how to correctly create an ops string, please see the relevant documentation.

The ops string must be cryptographically signed by your account, to prove that you have the authority to make changes in your universe

The ops string is very sensitive to white space, carriage returns, and quotation marks, and you should be careful to sign it correctly.

We provide an NPM package which creates and sign ops strings - the full code can be viewed in our API Signer repository

Getting your account from your private key

Our NPM package for Identities provides abstracted methods for dealing with your account. The full code of this package can be viewed here

// npm install freeverse-crypto-js
const identity = require('freeverse-crypto-js');

const PVK = <your_private_key>

const account = identity.accountFromPrivateKey(PVK);

// account.address => public FreeverseID of account
// account.privateKey => private key of account

Using your account to sign the string

The following example show how to use your universe account and universe id to sign the ops string. First, we concatenate the universe id and opsString together, before using the account to sign.

The code snippet below highlights the most important function, however we suggest strongly that view our API Signer repository for more details.

    signExecuteMutation({ universeOwnerAccount, universeIdx, opsStr }) {
        const digest = concatHash(
            ["uint32", "string"],
            [universeIdx, opsStr],
        const digestSignature = universeOwnerAccount.sign(digest);
        return digestSignature;

The returned signature can then be included in the input to the GraphQL mutation, as showed here.


You must strip the preceding "0x" from the signature string before using it in the GraphQL query.