Tempo Signature Integration (secp256k1 / P-256 / WebAuthn / Keychain V2)
Accept Tempo wallets signing with secp256k1, raw P-256, WebAuthn passkeys, or Keychain V2 access-key envelopes for EVM credits redemption on the Tempo chain.
Coinflow’s Tempo credits-redemption path accepts four signature shapes
through the same <CoinflowPurchase> integration:
0x04) — an authorized access key signing on
behalf of a root Tempo account, wrapped in a canonical Keychain V2
envelope. The wallet must register the access key on-chain via Tempo’s
AccountKeychain precompile before signing — see Tempo access-key wallets
(Keychain V2) below.All four resolve through the same Coinflow checkout API. The merchant’s
<CoinflowPurchase> integration stays the same regardless of which signer
the user holds — only the bytes inside the permitCredits field differ.
Your app owns the registration / sign-in UI and passes a compatible
EthWallet adapter into <CoinflowPurchase>. Coinflow does not create or
store keys or passkeys for the merchant.
If you are also settling to a merchant contract on Tempo, your contract must be whitelisted first. See Whitelist Your Contracts.
Tempo lets a root account authorize a separate access key to sign on its behalf, sparing users a root-passkey prompt on every transaction. Coinflow accepts these access-key signatures when the wallet emits a canonical Keychain V2 envelope:
The wallet must complete the following BEFORE the customer reaches checkout — Coinflow performs only the verification step:
0x76) carrying a key_authorization field, signed by
the root account’s secp256k1 / P-256 / WebAuthn key. The Tempo node
writes the authorization into the AccountKeychain precompile at
0xaAAA…0000. See Tempo’s
AccountKeychain spec
for the canonical registration flow.EthWallet.signMessage
as usual.signatureType
recorded for the access key (0=Secp256k1, 1=P-256, 2=WebAuthn) must
match the inner signature’s scheme. Mismatched types reject on-chain per
Tempo’s validate_keychain_authorization rule.If the wallet emits a V2 envelope without registering the access key first, Coinflow’s on-chain verification surfaces “Invalid credits auth signature” to the user. The wallet team must either:
authorizeKey AA-transaction registration flow above, or0x01 P-256 / 0x02 WebAuthn signatures,
which require no AccountKeychain registration.None. The merchant’s <CoinflowPurchase> integration code stays
identical — the customer’s wallet emits the V2 envelope, your EthWallet
adapter forwards the opaque bytes unchanged, and Coinflow’s contract
performs the keychain composition (TIP-1020 inner-signature recovery
followed by AccountKeychain authorization lookup) on-chain. No new SDK
parameters and no new API fields.
EthWallet adapter to
<CoinflowPurchase>. The adapter routes Coinflow’s signMessage request
to whichever signer the user chose (secp256k1, raw P-256, or WebAuthn).
Nothing else in your Coinflow integration changes.The snippets below show the minimum viem / viem/tempo calls to construct
each signer type. In a real merchant integration, wrap the resulting
Account (or wagmi connection) inside an EthWallet adapter — see
Adapt the wagmi session to an EthWallet
below for the WebAuthn path; the secp256k1 / P-256 paths follow the same
shape.
The snippets below generate ephemeral keys at runtime for illustration only. In production, derive keys from your secure key-management system and never commit private keys to source control.
For production browser flows, use Tempo’s wagmi webAuthn connector with a
remote KeyManager (covered in detail below). For headless / non-browser
contexts and tests, Account.fromHeadlessWebAuthn constructs a WebAuthn
signer from a P-256 key:
The walkthrough below targets the WebAuthn / passkey case, which has the
most setup. The secp256k1 and raw P-256 paths reuse the same
<CoinflowPurchase> integration; only the signer backing
EthWallet.signMessage differs. For secp256k1 or P-256, use any wagmi
connector (injected, walletConnect, or a custom one wrapping a
viem/tempo Account) and skip to
Adapt the wagmi session to an EthWallet.
webAuthn connector in your wagmi configRegister Tempo’s WebAuthn connector alongside your existing EVM
connectors. Use a remote key manager in production. Use
KeyManager.localStorage() for demos only: it stores the credential /
public-key mapping in the browser, so clearing storage or switching
devices breaks lookup. (The passkey key material itself stays in the
authenticator.)
KeyManager.localStorage() is demo-only — ship a server-backed
KeyManager.http(url) before production. The snippet below disables the
connector entirely in production builds when VITE_TEMPO_KEY_MANAGER_URL
is missing, preventing silent fallback to browser storage.
The connector accepts a capabilities argument on connect() that
selects between registering a new passkey (sign-up) and authenticating
with an existing one (sign-in). Pass the Tempo chain id when connecting
so the connector session targets the same Tempo network Coinflow uses.
EthWallet for <CoinflowPurchase>Coinflow’s iframe passes EIP-712 typed data into signMessage as a
JSON-stringified object — the same shape secp256k1 merchants already
handle. Parse the string, detect the EIP-712 shape, and route typed data
through wagmi’s useSignTypedData (which invokes the chosen connector).
Let typed-data errors surface — do not retry as personal_sign.
Compose the gate, adapter hook, and <CoinflowPurchase>:
The signMessage adapter from step 3 also handles Coinflow’s login
challenge. Users sign in with their Tempo signer (secp256k1, P-256, or
WebAuthn) with no extra client-side code.
The Coinflow iframe surfaces this message to the user during the Tempo signature flow:
KeyManager.http(url) at a
server-side key store. KeyManager.localStorage() is demo-only — it
stores the credential / public-key mapping in the browser, so the app
loses the mapping when browser storage is cleared or the user switches
devices.permitCredits field carries the
opaque signature bytes for whichever signer the user used.