How does this skill help with time skew errors?

It compares the token's timestamp against the server's current time and identifies if the difference exceeds the default 5-minute timePad, suggesting clock synchronization or padding adjustments.

Can it diagnose issues with Sigma Auth?

Yes, the skill includes specific diagnostic patterns for Sigma Auth (auth.sigmaidentity.com) integrations, including token-for-endpoint verification and wallet connect flows.

What is the standard bitcoin-auth token format?

A valid bitcoin-auth token is a pipe-delimited string consisting of five parts: pubkey, scheme (bsm or brc77), ISO8601 timestamp, requestPath, and a Base64-encoded signature.

Why does my signature fail even if the components look correct?

Common causes include query parameter reordering in the requestPath, mismatched body encoding (UTF8 vs Base64), or using the token's timestamp instead of the server's time during verification.

Bitcoin Auth Diagnostics

Name: Bitcoin Auth Diagnostics
Author: Activer007

byActiver007

安全与测试

Diagnoses and resolves authentication failures, signature verification errors, and token generation issues within the bitcoin-auth ecosystem.

关于

Bitcoin Auth Diagnostics is a specialized skill designed to help developers troubleshoot complex authentication flows using the bitcoin-auth library. It provides a structured diagnostic workflow to validate token structures, verify cryptographic signatures for both BSM and BRC77 schemes, and identify common integration pitfalls such as time skew, request path mismatches, and body hash inconsistencies. Whether you are building with Sigma Auth or implementing custom Bitcoin-based identity solutions, this skill streamlines the debugging process by pinpointing exact failure points in the pipe-delimited token format.

主要功能

Detects timestamp drift and time skew issues between client and server
Analyzes request path and query parameter matching for signature integrity
Validates 5-part pipe-delimited token structure and component formats
0 GitHub stars
Diagnoses BSM and BRC77 signature scheme verification failures
Verifies body hash consistency across different encodings (UTF8, Hex, Base64)

使用场景

Verifying the correctness of new client-side token generation implementations
Troubleshooting clock synchronization issues causing authentication timeouts
Debugging 'invalid signature' or 'invalid token' errors in API integrations

关于

主要功能

Detects timestamp drift and time skew issues between client and server
Analyzes request path and query parameter matching for signature integrity
Validates 5-part pipe-delimited token structure and component formats
0 GitHub stars
Diagnoses BSM and BRC77 signature scheme verification failures
Verifies body hash consistency across different encodings (UTF8, Hex, Base64)

使用场景

Verifying the correctness of new client-side token generation implementations
Troubleshooting clock synchronization issues causing authentication timeouts
Debugging 'invalid signature' or 'invalid token' errors in API integrations