How to fix this error: data: { message: 'invalid signature', code: -1 }

potato · April 4, 2024, 7:28am

Thanks for the reply. Here are some detailed information regarding the error.

I’ve double checked the private key, also tried creating a new NCW Admin CSR and changed the secret Key and the API Key in the backend (.env). Still i’m getting 401 (unauthorized) to initialize the SDK. Even if the private key is invalid, how am i able to assign a deviceId to create a walletId in the first place?

If we conclude that the problem is from the client side, i cloned the fireblocks official react demo example app (GitHub - fireblocks/ncw-web-demo: An example usage of @fireblocks/ncw-js-sdk for managing non-custodial wallets), changed Firebase Auth and connected with the local backend and getting the same 401 unauthorized.

I think the possible error would be at the environment entry points of the local backend server.

if possible can you please provide the exact environment (.env) file format used in the hosted version of the backend example https://ncw-demo-dev.2uaqu5aka49io.eu-central-1.cs.amazonlightsail.com.

.env for the example used:

NODE_ENV=dev
PORT=3001
CMC_PRO_API_KEY=""

# Fireblocks API
# FIREBLOCKS_API_SECRET & FIREBLOCKS_API_KEY_NCW_ADMIN - NCW Admin CSR.
FIREBLOCKS_API_SECRET="-----BEGIN PRIVATE KEY-----
Sf5UXRuSU71TvJ/W0sL3Bts1cspY/zGj9rZshzWc5jKRK7uyiFtGbHHpD4beIDm3
....
Bwy7pMRMvoJbmmYSJ1peTA5ulxnqo1U74FrnRQLk4UMh5W9Rvhcxn67oI+xgxhBH
ntODRl/aaLvEbsl/4Fc1P7m+wKYUDjPhyl0paA3qhaVs3HaUlVqG+mNN3XXdiqwK
1BaLDhvPAO3syKN8/6OX0tV9u/6/NLcDsmYQA6TfSMAYSwtpsXAxVAbZVL1DcZNt
ZV62aHuR/sru0I8gtzTAZStcnqJF8NYbERK0by8R7dwlhnBdHz6msXRXf/bqdevU
EsZhuzWDijU7dOJUU4xNIJQ2tqEbRsKCwO6iYRyljjJ37bg0P1OSYgPrgn4WGnQb
n8Sep0JkdCb92Cvs1WWWX4TLWwebWraH6WUXyFB4r0LQ1DKRboLvV+1KgHMnJ0sl
-----END PRIVATE KEY-----" 

FIREBLOCKS_API_KEY_NCW_ADMIN="Admin_api"
FIREBLOCKS_API_KEY_NCW_SIGNER="Signer_api"
FIREBLOCKS_WEBHOOK_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----"
FIREBLOCKS_API_BASE_URL="https://sandbox-api.fireblocks.io"

# Database
DB_HOST=localhost
DB_PORT=3306
DB_USERNAME=root
DB_PASSWORD=<root_password>
DB_NAME=ncw_demo

# Auth (Firebase)
JWKS_URI=https://www.googleapis.com/service_accounts/v1/jwk/securetoken@system.gserviceaccount.com
ISSUER=https://securetoken.google.com/fireblocks-web-app-cdb96
AUDIENCE=fireblocks-web-app-cdb96

Thanks in advance,
Manoranjith Shankar.

Topic		Replies	Views
Data: { message: ‘invalid signature’, code: -1 } Developer Discussion docs	3	466	February 28, 2024
My Sandbox Webhook Worked for months but recently encountered "Invalid webhook signature" Support	3	64	January 2, 2026
I am not able to initate a ncw wallet from a api key in nodejs getting error 401 Developer Discussion	3	226	September 17, 2024
Can't verify the webhook signature in sandbox Developer Discussion	14	773	February 19, 2025
Invalid signature Developer Discussion	1	584	December 18, 2023

How to fix this error: data: { message: 'invalid signature', code: -1 }

Related topics