Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problem verifying personal_sign signatures produced by ledger (v5) #893

Closed
oed opened this issue Jun 16, 2020 · 5 comments
Closed

Problem verifying personal_sign signatures produced by ledger (v5) #893

oed opened this issue Jun 16, 2020 · 5 comments
Labels
bug Verified to be an issue. fixed/complete This Bug is fixed or Enhancement is complete and published.

Comments

@oed
Copy link

oed commented Jun 16, 2020

Initially thought this was a MetaMask issue but looks like it's a bug in ethers v5, ref

Describe the bug
When verifying a personal_sign signature from a Ledger hardware wallet ethers@5 will return the incorrect address.

To Reproduce

  1. produce a personal_sign signature with metamask in the browser console using a ledger device:
> ethereum.sendAsync({ 
  jsonrpc: '2.0', id: 1, 
  method: 'personal_sign', 
  params: ['0x6d7367', '0x73120171D5f26C93F7472b0f4F4C94C300264Bcb']
 }, (a, x) => console.log(x.result))

0xfcd04509a330684eff11f6f4a872a592c33024f6d16022011f35323cb77147dd18f5600f22179721691ce4f3a2d7ee90adf6309bf86fb4bfb0740a330f8f539b01
  1. Try to recover the signature using @ethersproject/wallet in a node console:
> require('@ethersproject/wallet).verifyMessage('msg', '0xfcd04509a330684eff11f6f4a872a592c33024f6d16022011f35323cb77147dd18f5600f22179721691ce4f3a2d7ee90adf6309bf86fb4bfb0740a330f8f539b01')
'0x1d741B84405D5D6cb4F05b5A74ac5588F2149B90'
  1. Try to recover the same signature with ethers@4 in a node console:
> require('ethers').utils.verifyMessage('msg', '0xfcd04509a330684eff11f6f4a872a592c33024f6d16022011f35323cb77147dd18f5600f22179721691ce4f3a2d7ee90adf6309bf86fb4bfb0740a330f8f539b01')
'0x73120171D5f26C93F7472b0f4F4C94C300264Bcb'

Expected behavior
When recovering the signature the same address as used in MetaMask should be returned using the ethers@5 library.

  • Hardware Wallet: Ledger Nano S Firmware version 1.6.0
  • MetaMask Version used to produce signature: 7.7.9
@oed oed mentioned this issue Jun 16, 2020
Closed
@ricmoo ricmoo added investigate Under investigation and may be a bug. on-deck This Enhancement or Bug is currently being worked on. labels Jun 16, 2020
@ricmoo
Copy link
Member

ricmoo commented Jun 16, 2020

I’ll look into this shortly.

@oed oed mentioned this issue Jun 20, 2020
Closed
@oed
Copy link
Author

oed commented Jun 29, 2020

Hey @ricmoo any update on this? :)

@ricmoo ricmoo added bug Verified to be an issue. and removed investigate Under investigation and may be a bug. labels Jul 8, 2020
@ricmoo ricmoo mentioned this issue Jul 8, 2020
Closed
@ricmoo
Copy link
Member

ricmoo commented Jul 8, 2020

I've updated the issue #933 with this and will track progress there.

I've found the problem and am working on the fix right now.

ricmoo added a commit that referenced this issue Jul 8, 2020
@ricmoo
Fixed splitSignature when recoveryParam is encoded directly (#893, #933
bf65ddb 
…).
@ricmoo
Copy link
Member

ricmoo commented Jul 8, 2020

This should be fixed in 5.0.5.

Try it out and let me know. :)

@ricmoo ricmoo added fixed/complete This Bug is fixed or Enhancement is complete and published. and removed on-deck This Enhancement or Bug is currently being worked on. labels Jul 8, 2020
@oed
Copy link
Author

oed commented Jul 13, 2020

Confirmed to be working with 5.0.5. Thanks @ricmoo 🙏

@oed oed closed this as completed Jul 13, 2020
@assafmo assafmo mentioned this issue Apr 13, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Verified to be an issue. fixed/complete This Bug is fixed or Enhancement is complete and published.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ricmoo @oed