HaLo
Manually sending a Command

Manually sending a Command

The user is able to execute a command -- such as sign a message using one of the available keys -- through one of several interfaces including a proprietary browser interface, NDEF and ADPU. The HaLo expects 32 byte digests which have been hashed client side (e.g. using sha256 or keccak256). We highly recommend using LibHaLo to interface with HaLos on mobile web, in React Native apps and CLIs.

Signature Types

By default, HaLos can produce any secp256k1 signature including potentially malleable signatures. HaLo signatures are not implicitly formatted to any Ethereum format, however, you can generate signatures of any desired format such as those required for an Ethereum transaction, EIP-191 and EIP-712.

It's important to understand which kind of signature you want to generate as this influences the digest presented to a chip, for instance by including an EIP-191 (opens in a new tab) compliant message header or EIP-712 (opens in a new tab) schema. Once a signature type is chosen, keep in mind that the client must hash the message with a desired hashing scheme as the HaLo does not carry out any hashing.

Manually Constructing a Command

You can easily craft an NDEF message to send a signing request

  1. Prepare a NDEF message with one record and a desired $CHALLENGE to be signed by the HaLo. A $CHALLENGE should mirror the cmd param but with the desired key slot, command type and digest:
{ recordType: "unknown", data: $CHALLENGE }
  1. Write the message to the chip using standard writing method as described in NFC Forum Type 4 Tag specification. Depending on the platform and interface there may be explicit NDEF write commands available (opens in a new tab) or you may need to construct the write using lower-level ADPU commands.
  2. Perform NDEF read. The chip will return a single NDEF record containing the URL.
  3. Parse URL’s cmd field and verify whether it contains the command input in step #1.
  4. Parse URL’s res field to obtain the command execution result.
  5. Verify ECDSA signature.

See the halo-webnfc-demo for an example HaLo web app which signs a randomly generated challenge using key slot #1.

Last updated on August 26, 2025
NDEF Record StructureNon-Interactive Mode