From 5d314012113b21d03124541f55554d82c78f12ab Mon Sep 17 00:00:00 2001
From: f321x <f@f321x.com>
Date: Tue, 20 Jan 2026 13:45:39 +0100
Subject: [PATCH] qml: require authentication for message signing

Requests authentication when trying to sign a message if "Payment
Authentication" is enabled.
---
 .../gui/qml/components/SignVerifyMessageDialog.qml     | 10 ++++++++--
 electrum/gui/qml/qewallet.py                           |  7 +++++--
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/electrum/gui/qml/components/SignVerifyMessageDialog.qml b/electrum/gui/qml/components/SignVerifyMessageDialog.qml
index 0b0fca7bc..4a6321bac 100644
--- a/electrum/gui/qml/components/SignVerifyMessageDialog.qml
+++ b/electrum/gui/qml/components/SignVerifyMessageDialog.qml
@@ -189,8 +189,8 @@ ElDialog {
                 enabled: _addressMine
                 icon.source: '../../icons/seal.png'
                 onClicked: {
-                    var sig = Daemon.currentWallet.signMessage(addressField.text, plaintext.text)
-                    signature.text = sig
+                    Daemon.currentWallet.signMessage(addressField.text, plaintext.text)
+                    // emits messageSigned(sig)
                 }
             }
             FlatButton {
@@ -207,7 +207,13 @@ ElDialog {
                 }
             }
         }
+    }
 
+    Connections {
+        target: Daemon.currentWallet
+        function onMessageSigned(sig) {
+            signature.text = sig
+        }
     }
 
     Component.onCompleted: {
diff --git a/electrum/gui/qml/qewallet.py b/electrum/gui/qml/qewallet.py
index b2b3a64a3..98f7994c7 100644
--- a/electrum/gui/qml/qewallet.py
+++ b/electrum/gui/qml/qewallet.py
@@ -78,6 +78,7 @@ class QEWallet(AuthMixin, QObject, QtEventListener):
     otpFailed = pyqtSignal([str, str], arguments=['code', 'message'])
     peersUpdated = pyqtSignal()
     seedRetrieved = pyqtSignal()
+    messageSigned = pyqtSignal([str], arguments=['signature'])
 
     _network_signal = pyqtSignal(str, object)
 
@@ -848,10 +849,12 @@ class QEWallet(AuthMixin, QObject, QtEventListener):
     def isAddressMine(self, addr):
         return self.wallet.is_mine(addr)
 
-    @pyqtSlot(str, str, result=str)
+    @pyqtSlot(str, str)
+    @auth_protect(message=_("Sign message?"))
     def signMessage(self, address, message):
         sig = self.wallet.sign_message(address, message, self.password)
-        return base64.b64encode(sig).decode('ascii')
+        result = base64.b64encode(sig).decode('ascii')
+        self.messageSigned.emit(result)
 
     def determine_max(self, *, mktx: Callable[[FeePolicy], PartialTransaction]) -> Tuple[Optional[int], Optional[str]]:
         # TODO: merge with SendTab.spend_max() and move to backend wallet