spruceid / siwe-quickstart

Apache License 2.0

How to verify SIWE messages from Flutter #39

Closed ZeroTimeDrift closed 1 year ago

ZeroTimeDrift commented 1 year ago

Hey all, I am trying to create a SIWE message in Flutter, does anyone know a reasonable way of doing this using SIWE? I have a SIWE backend setup to verify messages and generate nonces, but need a way to sign the messages in dart. Any advice on how to do this?

w4ll3 commented 1 year ago

@theosirian

ZeroTimeDrift commented 1 year ago

Hey @w4ll3, I'm trying to implement a version of the frontend signing in dart / flutter, from what I understood you were working on the parser for JS implementation?

So far I'm trying to get the user to sign using the Ethereum Personal Sign method by passing in a compatible message but I'm not sure how compatible it is as the message pop up still shows as 'Sign Message' on Mobile MetaMask as opposed to the 'Sign-in request' pop-up I get on Browser.

Is the ethereum personal sign method appropriate for this task? Happy to contribute to building dart compatibility as well. Here is what it looks like on mobile so far, having troubles getting this working.

ZeroTimeDrift commented 1 year ago

Update on this, I'm testing out validating signatures in dart and sending to a JS backend with SIWE, the message is not validating and breaks, it works totally fine with the JS desktop so the issue is not the backend here, here is what is being sent to the backend from Dart.

{
    "message": {"domain": "localhost:3000", "address": "0x6d7f9a423dd49220d6e7723844c014aa77174708", "statement": "Hello World", "uri": "http://localhost:3000", "version": "1", "chainId": "1", "nonce": "32891756", "issuedAt": "2023-04-25T19:14:19.682Z"},
    "signature": "0x820ed4b0b42a172727d2eb6cc519d73962e0732c4587dd509f0c375e3f5329632ae9c6a8ed7f25cec521b95bb2d5e422ae5e9168083204fcb9bb854fee809d7c1b"
}

This is the message being signed:

localhost:3000 wants you to sign in with your Ethereum account:
0x6d7f9a423dd49220d6e7723844c014aa77174708

Statement: Hello World
URI: http://localhost:3000
Version: 1
Chain ID: 1
Nonce: 32891756
Issued At: 2023-04-25T19:14:19.682Z

w4ll3 commented 1 year ago

Hi there, sorry for the delay on this. In here you can find a detailed spec on how the message is structured. Also, feel free to join discussions in our Discord https://discord.gg/spruce.

ZeroTimeDrift commented 1 year ago

No worries, do you think the issue is related to the formatting of the SIWE message? I sent the above message which was being signed which I thought conformed to the standard, is that not the case?

w4ll3 commented 1 year ago

statement is not a field, in the link I sent you there is an example of a valid message https://eips.ethereum.org/EIPS/eip-4361#example-message

ZeroTimeDrift commented 1 year ago

Ok, I attempted to do it with the updated message, still doesn't seem to be working

`localhost:3000 wants you to sign in with your Ethereum account: 0x6d7f9a423dd49220d6e7723844c014aa77174708

Hello World

URI: http://localhost:3000 Version: 1 Chain ID: 1 Nonce: 32891756 Issued At: 2023-04-25T19:45:50.940Z `

I still seem to be getting some issues, here is what I'm sending to validate:

{
    "message": {
        "domain": "localhost:3000",
        "address": "0x6d7f9a423dd49220d6e7723844c014aa77174708",
        "statement": "Hello World",
        "uri": "http://localhost:3000",
        "version": 1,
        "chainId": 1,
        "nonce": 32891756,
        "issuedAt": "2023-04-25T19:45:50.940Z"
    },
    "signature": "0x5fc0041adcb0ce40ec0a5e5a9040f180e7c6a8f32e7d36b7361ffd8e27f788a04a645e4925a615d17aedbbf0225b13bb5cdec139cbcb251da7630e9f03a3439c1c"
}

w4ll3 commented 1 year ago

removing the port should solve your issue. also, can I have a little more detail on how you're verifying the message?

ZeroTimeDrift commented 1 year ago

Sure, removing the port from everywhere or just specific parts of the message? I am using SIWE in JS to validate on the backend

app.post('/verify', async function (req, res) {
    const { message, signature } = req.body;
    const siweMessage = new SiweMessage(message);
    console.log("message: " + JSON.stringify(siweMessage));
    const ethAddress = message.address;
    console.log(ethAddress);
    try {
        await siweMessage.validate(signature);

Here is the part in the backend (JS) I am using to verify the signature

ZeroTimeDrift commented 1 year ago

{"domain":"localhost:3000","address":"0x4bF850baF6459516Bd87E3D98c49264D0250087a","statement":"Sign in with MoonGate to the app.","uri":"http://localhost:3000","version":"1","chainId":1,"nonce":"Ygc1BUPyUiCpYz3PE","issuedAt":"2023-04-25T20:33:43.318Z"}

In the existing JS implementation, the URI and domain still have the port but work totally fine.

w4ll3 commented 1 year ago

can you confirm to me that you are at siwe@1.x.x? also could you please test the address with EIP-55 (mixed camel case)?

ZeroTimeDrift commented 1 year ago

Yes 1.1.6 on NodeJS backend, the address is working as per EIP-55 as well

w4ll3 commented 1 year ago

I meant in the example before, the address should be 0x6D7F9A423Dd49220D6e7723844C014AA77174708 instead of 0x6d7f9a423dd49220d6e7723844c014aa77174708.

{
    "message": {
        "domain": "localhost:3000",
        "address": "0x6d7f9a423dd49220d6e7723844c014aa77174708",
        "statement": "Hello World",
        "uri": "http://localhost:3000",
        "version": 1,
        "chainId": 1,
        "nonce": 32891756,
        "issuedAt": "2023-04-25T19:45:50.940Z"
    },
    "signature": "0x5fc0041adcb0ce40ec0a5e5a9040f180e7c6a8f32e7d36b7361ffd8e27f788a04a645e4925a615d17aedbbf0225b13bb5cdec139cbcb251da7630e9f03a3439c1c"
}

w4ll3 commented 1 year ago

Also just as a heads up, we are planning to move siwe@2.x.x to the latest tomorrow, it might be a good opportunity to upgrade now.

ZeroTimeDrift commented 1 year ago

Ah, got what you mean, I tried that now, still have the issue, here is what is being sent to the backend.

{
    "message": {
        "domain": "http://localhost:3000",
        "address": "0x6D7F9A423Dd49220D6e7723844C014AA77174708",
        "statement": "Hello World",
        "uri": "http://localhost:3000",
        "version": 1,
        "chainId": 1,
        "nonce": 32891756,
        "issuedAt": "2023-04-26T00:05:14.660Z"
    },
    "signature": "0xc75aa32a9226cdc989aaf1cca3e0a257d94cbeafd52ba25e2b5df7b8c788d77579fcf29028a09d863caf88ec4b19949350abc83ffbb7e86b614a0cb154f356191b"
}

Here is the message being signed:

`http://localhost:3000 wants you to sign in with your Ethereum account: 0x6D7F9A423Dd49220D6e7723844C014AA77174708

Hello World

URI: http://localhost:3000 Version: 1 Chain ID: 1 Nonce: 32891756 Issued At: 2023-04-26T00:05:14.660Z

`

Happy to try upgrading to 2.x.x, would that help with the issue?

ZeroTimeDrift commented 1 year ago

Issue resolved, it was related to the formatting of the message being signed, many thanks to @w4ll3 for assisting me with this on Discord!
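
An added example, not part of the thread and not code from the siwe library: the backend receives the message as JSON fields, so the signature has to match the text rebuilt from those fields character for character. The sketch below rebuilds the EIP-4361 text and reports the first line where the string a client signed differs from it; `buildSiweText` and `firstMismatch` are hypothetical helper names, and the sample values are the ones from the first payload in the thread.

```javascript
// Added example; buildSiweText and firstMismatch are hypothetical helper names.
// Field order and blank lines follow the EIP-4361 message layout.
function buildSiweText(m) {
  const lines = [
    `${m.domain} wants you to sign in with your Ethereum account:`,
    m.address,
    '',
  ];
  // Layout is: address LF LF [statement LF] LF "URI: ...", so a missing
  // statement leaves two empty lines before the URI line.
  if (m.statement) lines.push(m.statement);
  lines.push(
    '',
    `URI: ${m.uri}`,
    `Version: ${m.version}`,
    `Chain ID: ${m.chainId}`,
    `Nonce: ${m.nonce}`,
    `Issued At: ${m.issuedAt}`,
  );
  if (m.expirationTime) lines.push(`Expiration Time: ${m.expirationTime}`);
  if (m.notBefore) lines.push(`Not Before: ${m.notBefore}`);
  if (m.requestId) lines.push(`Request ID: ${m.requestId}`);
  if (m.resources?.length) lines.push('Resources:', ...m.resources.map((r) => `- ${r}`));
  return lines.join('\n');
}

// Returns null when the signed text is byte-identical to the rebuilt text,
// otherwise the first differing line (1-based) with both versions.
function firstMismatch(fields, signedText) {
  const want = buildSiweText(fields).split('\n');
  const got = signedText.split('\n');
  for (let i = 0; i < Math.max(want.length, got.length); i++) {
    if (want[i] !== got[i]) {
      return { line: i + 1, expected: want[i] ?? null, signed: got[i] ?? null };
    }
  }
  return null;
}

// Fields from the first payload in the thread.
const FIELDS = {
  domain: 'localhost:3000', address: '0x6d7f9a423dd49220d6e7723844c014aa77174708',
  statement: 'Hello World', uri: 'http://localhost:3000', version: '1',
  chainId: '1', nonce: '32891756', issuedAt: '2023-04-25T19:14:19.682Z',
};
// The signed text from that post, with its "Statement:" label.
const LABELLED = buildSiweText(FIELDS).replace('\nHello World\n\n', '\nStatement: Hello World\n');
console.log(firstMismatch(FIELDS, LABELLED));
```

Running the same comparison in the client before asking the wallet to sign shows a stray label, a missing blank line or a collapsed line break before the backend rejects the signature.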