Open dvush opened 3 years ago
Hi @dvush, What you're saying is all correct. The signature that Authereum returns from a regular eth_sign
is a 1271 signature that is twice the length of a normal signature. This allowed by the ERC1271 standard. The data is actually two signatures but your software can be unconcerned about how it's formatted. If the double length signature is checked against the account contract using the ERC1271 isValidSignature
method, it will work as expected.
By the way, we have a package that makes it easy to check both 1271 and regular signatures. It checks if the signer address is a contract or not and then recovers the signature with the appropriate method, ERC 1271 or a regular ECDSA recovery. It's also backward compatible with different versions of ERC 1271 that existed before it was finalized. It might be helpful for you.
https://www.npmjs.com/package/is-valid-signature
Also, if you're still having trouble getting the signature to verify, would be happy to help debug if you can provide some more context or point me to some code.
Hi @cwhinfrey - thanks for the explanation, here are some tests that we did and we are sure that problems that we have is not connected to zkSync.
What I was able to see from our tests is this:
We wrote simple web app that just connects with WalletConnect and signs message using either: eth_sign or personal_sign.
Hey @dvush, I'm not sure why those signatures aren't being verified for 1 and 2. We'll look into this and circle back with more info.
we do have a persistent signing key that you can use and will be deterministic but can't be verified with ERC1271. This is because our ERC1271 signature verification is based around the authKeys and authKeys can be removed at anytime invalidating the signature. We'll discuss this as well and come back with a recommendation for your use case.
Hi, we are having some problems when users are using authereum wallet with zkSync.
It looks like this issue is caused by EIP1271 signature verification. I am wondering if it can be because there are two types of EIP1271 signatures that your wallet can produce: one is 65 byte long other is larger.
We use user signatures of the message to check for correctness and it fails sometimes. Can you please explain how user signatures work in authereum?