ethers.js vault signer

[wagyu298]

We want to use HashiCorp Vault for hardhat (ethers.js) signer. The kaleido-io/vault-plugin-secrets-ethsign Vault Plugin implements Ethereum Wallet and Transaction Signer but lack the following features we wants.

• ethers.js required signMessage and signTransaction to Signer subclass objects. vault-plugin-secrets-ethsign can sign transaction, it only for signTransaction.
• The vault-plugin-secrets-ethsign does not support EIP-2718: Typed Transaction Envelope, EIP-1559: Fee market change for ETH 1.0 chain and EIP-2930: Optional access lists. It is said that EIP-1559 reduces gas fees.

We plan to create ethers.js signer for Vault based upon the plugin. It requires the signDigest method of the SigningKey class. Wallet class delegates all signature request to the signDigest method. See signTransaction, signMessage and _signTypedData methods implementations of Wallet class for more details.

[wagyu298]

signDigest method is a wrapper of keyPair.sign function. Nomally, keyPair secp256k1 curve that implemented by elliptic package, and call elliptic.sign function.

signDigest calls the sign function with cannonical: true argument that restricts recoveryParam to 0 or 1 (https://github.com/indutny/elliptic/blob/master/lib/elliptic/ec/index.js#L146-L150).

go-ethereum implements secp256k1 curve sign function in secp256k1_ecdsa_sig_sign function of libsecp256k1/src/ecdsa_impl.h that called from crypto.Sign function. It does not have canonical mode argument, always returns canonicalized recoveryParam.

The call tree from crypto.Sing to secp256k1_ecdsa_sig_sign is crypto.Sign -> secp256k1_ecdsa_sign_recoverable -> secp256k1_ecdsa_sig_sign.

P.S. I was very confuzed canonical option of the sign function because I could not remember what is canonical in go-ethererum source codes from my brain. I left a comment above to avoid running into the same problem.