OpenZeppelin / cairo-contracts

OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup
https://docs.openzeppelin.com/contracts-cairo
MIT License

eth_personalSign or EIP-712 compatible variants of eth_account #991

Open xJonathanLEI opened 5 months ago

xJonathanLEI commented 5 months ago

🧐 Motivation

The current eth_account preset opens up the possibility of using Ethereum wallets with Starknet accounts, which is great. We could even use hardware wallets like Ledger, offering unparalleled security! In fact, I'm actively working on making Starkli work with Ledger on this preset account.

However, the main issue is that most wallet options (e.g. Metamask, Ledger) do not provide an API for signing raw hashes, for good reasons.

Since eth_account expects signatures for raw hashes, these popular wallet options are not compatible with eth_account. In fact, this preset should be named secp256k1_account.

📝 Details

Just make additional presets where the signature is expected to be signed for a prepended message (i.e. eth_personalSign, which is still blind sign), or going all-in with EIP-712 where calls are encoded as structural data (see a POC here).

xJonathanLEI commented 5 months ago

It should be rather trivial for Starkli to fork eth_account and make it use eth_personalSign style signatures, but that's bad cuz then people would need to trust a contract that's far less reviewed than the ones in this repo.

ericnordelo commented 5 months ago

Hey @xJonathanLEI! Thanks for opening the issue. This is certainly interesting and we will add it to the roadmap. Feel free to open a PR if you feel like contributing, but we are putting it on the list anyway.

xJonathanLEI commented 5 months ago

My primary use case for this is to allow using the Ethereum Ledger app to control an account. However, I just learned that the native Starknet Ledger app (with blind sign, understandably but unfortunately) is Coming Soon™ (I heard this time it's for real lol). In this case, the Starknet Ledger should be preferred as it will simply be compatible with all account contracts that use the Stark curve.

That said, even assuming that the native Starknet Ledger app does come to life, such a proposed L1-wallet compatible account would still have some (rather niche though) uses, such as:

Not sure if it's worth supporting it in this case though.