-
Notifications
You must be signed in to change notification settings - Fork 112
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sign messages in a way that real-world wallets expect #205
Conversation
What you are proposing uses the Many discussions have happened since then and honestly I still don't see there being a consensus although EIP 712 seems close to consensus. Some notes on useful references below for further discussion:
|
So, EIP712 - once it gets support - is definitely the way to go. Much better from a UX perspective (it's less opaque what one is signing), and hopefully everyone will implement in the same way. Once it's accepted and begins to gain adoption, we can deprecate the implementation here, and force everyone to move over to it. Until then, I have added the requested prefix to the messages being signed that the contract expects to receive. In order to make things easier, I have hashed the data being passed, then prepending I have also added support for Trezor-style signing, where the message length is not an ASCII-string, but is encoded as a varint (represented by Yes, this is all a much worse solution than we would have come up with in a vacuum, but I'm pretty sure it's the best we can do for now and maintain compatibility with the wallets we want to support. Roll on EIP712. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The word on the street from @JamesLefrere is that this solves his problems, so good to go from my perspective.
While testing the MultiSig implementation @JamesLefrere and I encountered that the ecsign method used in createSignatures (in test-helpers.js) works differently from the ones used by web3 or ethers (or any wallet implementation, really). The latter prepend a prefix
("\x19Ethereum Signed Message:\n" + len(message))
to the message hash which is to sign, while the former does not. The prefix can also be found in the ERC191 specification: ethereum/EIPs#191.In order to add support across all wallets (including MetaMask and Hardware wallets) we should use this method of signing as it's the only one those support.
The proposed change fixes the MultiSig (executeTaskChange) for us when using it in the browser (with an ethers wallet), although it breaks a whole lot of other tests. Maybe we're doing something stupid on the Solidity side of things so we'd like for someone more proficient in this to help us out (@elenadimitrova, @area?).