Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bugfix: eip-191 hash calculation fix #2248

Merged
merged 1 commit into from
Jan 3, 2025
Merged

bugfix: eip-191 hash calculation fix #2248

merged 1 commit into from
Jan 3, 2025

Conversation

aramikm
Copy link
Collaborator

@aramikm aramikm commented Jan 3, 2025

Goal

The goal of this PR is to make sure the hash calculation for eip-191 is compatible with JS libraries.

Closes #2247

Discussion

  • Changed eip-191 message hash calculation to match js implementation in popular Ethereum libraries

Checklist

  • Unit Tests added?
  • Spec version incremented?

@aramikm aramikm requested a review from wilwade as a code owner January 3, 2025 00:51
aramikm
aramikm commented Jan 3, 2025
View reviewed changes
common/primitives/src/signatures.rs
Comment on lines -284 to -287
// frequency wrapped for Metamask compatibility
let frequency_wrapped =
eth_message_hash(&format!("<Frequency>0x{:?}</Frequency>", HexDisplay::from(&msg.get())));
verify_signature(&signature.as_ref(), &frequency_wrapped, signer)
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removing this custom wrapping for now. We might not need it and we will cross that bridge in future in case it was necessary.

aramikm
aramikm commented Jan 3, 2025
View reviewed changes
common/primitives/src/signatures.rs
let prefixed = format!("{}{}{}", "\x19Ethereum Signed Message:\n", message.len(), message);
log::debug!(target:"ETHEREUM", "prefixed {:?}",prefixed);
sp_io::hashing::keccak_256(prefixed.as_bytes())
fn eth_message_hash(message: &[u8]) -> [u8; 32] {
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

matches https://github.com/ethers-io/ethers.js/blob/48cdcef2925ffca4f60412697791dac268f06d0d/src.ts/hash/message.ts#L35

@codecov Codecov
Copy link

codecov bot commented Jan 3, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Files with missing lines Coverage Δ
common/primitives/src/signatures.rs 54.76% <100.00%> (-3.02%) ⬇️
pallets/passkey/src/tests_v2.rs 100.00% <100.00%> (ø)

@github-actions github-actions bot added the metadata-changed Metadata has changed since the latest full release label Jan 3, 2025
shannonwells
shannonwells approved these changes Jan 3, 2025
View reviewed changes
Copy link
Collaborator

@shannonwells shannonwells left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't want to block it for this because if the inputs weren't real, the signatures wouldn't validate and the accounts wouldn't decode and such, but it would be nice to know where you got the signatures and accounts from for future testing.

wilwade
wilwade approved these changes Jan 3, 2025
View reviewed changes
Copy link
Collaborator

@wilwade wilwade left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

mattheworris
mattheworris approved these changes Jan 3, 2025
View reviewed changes
Copy link
Collaborator

@mattheworris mattheworris left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Read through changes
    🚢 it!

JoeCap08055
JoeCap08055 approved these changes Jan 3, 2025
View reviewed changes
Copy link
Collaborator

@JoeCap08055 JoeCap08055 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Read through code & also ECR-191. Looks good!

enddynayn
enddynayn approved these changes Jan 3, 2025
View reviewed changes
Copy link
Collaborator

@enddynayn enddynayn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great! 👍

aramikm
aramikm commented Jan 3, 2025
View reviewed changes
common/primitives/src/signatures.rs
let payload = from_hex("0x0a0300e659a7a1628cdd93febc04a4e0646ea20e9f5f0ce097d9a05290d4a9e054df4e028c7d0a3500000000830000000100000026c1147602cf6557f4e0068a78cd4b22b6f6b03e106d05618cde8537e4ffe454c1f285c69f563934857a63463571d57723fbad6ac7de44611ed674f02c04c2ae00").expect("Should convert");
let signature_raw = from_hex("0x056ca64d31251a1f20733ce2a741e2963c87a9674a35f8619b6b97210ae8c8b54c2853da1b943dd95ac3b893b37f69ca7dc38c13f8ec92a235b00ae03426505900").expect("Should convert");
let payload = b"test eip-191 message payload";
let signature_raw = from_hex("0x276dcc9c69da24dd8441ba3acc9b60d8aae0cb39f0bc5ad92c723a31bf11575031d860978280191a0a97a1f74336ca0c79a8b1b3aab013fb58a27f113b73b2081b").expect("Should convert");
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this signature is generated using metamask and the payload above

aramikm
aramikm commented Jan 3, 2025
View reviewed changes
common/primitives/src/signatures.rs
let unified_signature = UnifiedSignature::from(ecdsa::Signature::from_raw(
signature_raw.try_into().expect("should convert"),
));

let public_key = ecdsa::Public::from_raw(
from_hex("0x025b107c7f38d5ac7d618e626f9fa57eec683adf373b1352cd20e5e5c684747079")
from_hex("0x03be5b145e12c5fb95151374ed919eb445ade57637d729dd2d73bf161d4bc10329")
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

compressed public key associated with the account used in metamask for signing 0x6906405649a9c73f28BB3D9bC3B647280D822025

@aramikm
Copy link
Collaborator Author

aramikm commented Jan 3, 2025

@shannonwells added some more comments in PR. The example test is also exactly what saas team was submitting to us and added that to ensure we are compatible with them

@aramikm aramikm merged commit 8945c5e into main Jan 3, 2025
30 checks passed
@aramikm aramikm deleted the bugfix_eip_191_hash branch January 3, 2025 18:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JoeCap08055 JoeCap08055 JoeCap08055 approved these changes

@saraswatpuneet saraswatpuneet saraswatpuneet approved these changes

@enddynayn enddynayn enddynayn approved these changes

@mattheworris mattheworris mattheworris approved these changes

@wilwade wilwade wilwade approved these changes

@shannonwells shannonwells shannonwells approved these changes

Assignees
No one assigned
Labels
metadata-changed Metadata has changed since the latest full release
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Bug]: Ethereum eip-191 signatures are not working correctly
7 participants
@aramikm @shannonwells @wilwade @mattheworris @enddynayn @saraswatpuneet @JoeCap08055