Comments (5)
Thanks @localethereumMichael for the super detailed description. This makes the issue more clear.
I like the Proposal 3. Let's go with that one.
Can you confirm the following is correct:
public async signByteMessage (params: any[]) {
if (!this._connected) {
throw new Error('Session currently disconnected')
}
params[1] = convertUtf8ToHex(params[1])
const request = this._formatRequest({
method: 'personal_sign',
params
})
try {
const result = await this._sendCallRequest(request)
return result
} catch (error) {
throw error
}
}
from walletconnect-monorepo.
Sorry, I've confused myself. When referring to eth.personal.sign
, I meant eth.sign
. Some wallets have implemented them the wrong way around which threw me off (MetaMask issue here).
WalletConnect's current eth_sign
behaves the same as MetaMask's eth_personalSign
. i.e. the wallet prefixes the message like:
sign(keccak256("\x19Ethereum Signed Message:\n" + len(message) + message)))
signByteMessage
shouldn't be any different there. It should expect wallets to prefix in the same way.
Because I got the naming wrong, the method personal_sign
should be renamed. Maybe something like eth_sign_bytes
?
Also, the new method doesn't need to support UTF-8 strings because the dApp developer should use signMessage()
if they want to sign a normal string; i.e.:
const sigA = await walletConnect.signMessage([address, "hello"]);
const sigB = await walletConnect.signByteMessage([address, "0x68656c6c6f"]);
console.log(sigA === sigB); // true
// These are the same because hex("hello") = "0x68656c6c6f"
// Doesn't need to work:
// await walletConnect.signByteMessage([address, "hello"]);
I think the convertUtf8ToHex(params[1])
isn't needed. We can instead throw an error if the message isn't hex encoded.
from walletconnect-monorepo.
I think this might just be a wallet bug. I didn't realize WC is passing over standard Ethereum JSON-RPC requests.
Wallets should be treating eth_sign's message
as a bytestring in the eth_sign payload.
See example in https://github.com/ethereum/wiki/wiki/JSON-RPC#eth_sign
// Request curl -X POST --data '{"jsonrpc":"2.0","method":"eth_sign","params":["0x9b2055d370f73ec7d8a03e965129118dc8f5bf83", "0xdeadbeaf"],"id":1}'
I've tested the above in a couple of WalletConnect wallets. To JSON-RPC spec, they should sign 0xdeadbeaf as a bytestring, however they are each signing "0xdeadbeaf" as a UTF-8 string.
Wallets should be doing:
sign(keccak256("\x19Ethereum Signed Message:\n" + len(0xdeadbeaf) + 0xdeadbeaf)))
// same as:
sign(keccak256("\x19Ethereum Signed Message:\n" + "4" + 0xdeadbeaf)))
What they are actually doing:
sign(keccak256("\x19Ethereum Signed Message:\n" + len("0xdeadbeaf") + "0xdeadbeaf")))
// same as:
sign(keccak256("\x19Ethereum Signed Message:\n" + "10" + 0x30786465616462656166)))
from walletconnect-monorepo.
Ok so I've looked into what you have posted and I think that from the WalletConnect SDK, it was as simple as exposing a new method for personal_sign that will hex encode the message on the JSON-RPC request. It's up to the wallets to currently sign and return a spec-complaint signature.
cc @localethereumMichael
So with the last update beta.6
the signMessage
stays the same for eth_sign
and the new method signPersonalMessage
will handle this issue by sanitizing the message as hex encoded and posting a personal_sign
request
public async signPersonalMessage (params: any[]) {
if (!this._connected) {
throw new Error('Session currently disconnected')
}
if (!isHexStrict(params[1])) {
params[1] = convertUtf8ToHex(params[1])
}
const request = this._formatRequest({
method: 'personal_sign',
params
})
try {
const result = await this._sendCallRequest(request)
return result
} catch (error) {
throw error
}
}
from walletconnect-monorepo.
Fixed on #77
from walletconnect-monorepo.
Related Issues (20)
- Trust Wallet - An unknown error occured HOT 1
- Sequence Redirection on Mobile Issue HOT 2
- "Writable" is not exported by "__vite-browser-external" HOT 3
- Add BEVM Mainnet HOT 2
- (27) Discord | #πβread-me | Ledger OP3N HOT 1
- Reconnecting a session HOT 1
- BSC HOT 2
- relay.walletconnect.com websocket connection is opened even though there is no action and no topic subscriptions HOT 2
- Add a Chain: Shibarium HOT 1
- Add a chain: Dogechain HOT 1
- web3inbox.com HOT 1
- Failing to receive signature from Gnosis Safe multisig app HOT 4
- React Native Push Notification Not working HOT 5
- Can't resolve 'pino-pretty' when installing `@walletconnect/ethereum-provider` with pnpm HOT 5
- pair() doesn't work for valid URIs in React Native / Android HOT 7
- Domain verification is incorrectly generated for `.it.com` TLD HOT 5
- rpc.walletconnect error "method not supported eth_uninstallFilter" HOT 1
- Hey @juloxrox, thanks for reaching out. You can access the same exported members by using the methods in `modal` object which is created with the `createWeb3Modal` function. HOT 1
- echo "# Lccrazy666" >> README.md git init git add README.md git commit -m "first commit" git branch -M main git remote add origin https://github.com/Lccrazy666/Lccrazy666.git git push -u origin mai HOT 1
- Problem on mobile device HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from walletconnect-monorepo.