verify-webhook.ts
Node.js
supabase/functions/verify-webhook/index.ts
1import { verify } from '@noble/ed25519';
2
3const PUBLIC_KEY = Deno.env.get('WEBHOOK_PUBLIC_KEY')!;
4
5export async function verifyWebhook(
6 signature: string,
7 timestamp: string,
8 body: string
9): Promise<boolean> {
10 // Reject if timestamp is older than 5 minutes
11 const age = Date.now() - Number(timestamp) * 1000;
12 if (age > 5 * 60 * 1000) return false;
13
14 // Construct message: timestamp + body
15 const message = new TextEncoder().encode(
16 `${timestamp}.${body}`
17 );
18
19 // Verify Ed25519 signature
20 return await verify(signature, message, PUBLIC_KEY);
21}