I am using ecdsa API to develop a dapp, as the update call will spend cycles, so any method to protect the call? and how to confirm my ECDSA private key is controlled by a canister
#[update]
async fn sign(message: String) -> Result<SignatureReply, String> {
// todo check proof
let request = SignWithECDSA {
message_hash: sha256(&message).to_vec(),
derivation_path: vec![],
key_id: EcdsaKeyIds::ProductionKey1.to_key_id(),
};
let (response,): (SignWithECDSAReply,) = ic_cdk::api::call::call_with_payment(
mgmt_canister_id(),
"sign_with_ecdsa",
(request,),
25_000_000_000,
)
.await
.map_err(|e| format!("sign_with_ecdsa failed {}", e.1))?;
Ok(SignatureReply {
signature_hex: hex::encode(&response.signature),
})
}