Closed wyze closed 1 year ago
Can you confirm, does this also happen using the verifyMessage
util (not the public client one)?
Thanks for the quick response! It does not work with hardware wallet, but here is the error that happens:
Error: recovery id invalid
at Signature.recoverPublicKey (http://localhost:3007/build/_shared/secp256k1-UQXZ4KZU.js:1287:15)
at recoverPublicKey (http://localhost:3007/build/routes/_index-YZOSDE5U.js:3614:108)
at async recoverAddress (http://localhost:3007/build/routes/_index-YZOSDE5U.js:3620:29)
at async verifyMessage (http://localhost:3007/build/routes/_index-YZOSDE5U.js:3662:46)
at async onClick (http://localhost:3007/build/routes/_index-YZOSDE5U.js:6570:28)
It does still work through a MetaMask account (non-hardware wallet).
I've pushed updated code to my repo.
Hmm ok interesting, let me do some digging
I did some digging as well, and seeing how ethers has handled it in the past. The recovery bit from the hardware wallet is coming in as 0, so its passed in as -27, where as from a regular MetaMask wallet the bit is b0
(27), so it gets passed in as 0.
On that line above I updated it like so:
const publicKey = secp256k1.Signature.fromCompact(
signatureHex.substring(2, 130),
)
- .addRecoveryBit(v - 27)
+ .addRecoveryBit(v < 27 ? v : v - 27)
.recoverPublicKey(hashHex.substring(2))
.toHex(false)
Based on the logic found here: https://github.com/ethers-io/ethers.js/blob/bf65ddbff0036f6eb8e99c145f30edff157687f5/packages/bytes/src.ts/index.ts#L343-L350
So this would make the verifyMessage
util say Yes
(valid), but still fails on the publicClient.verifyMessage.
Added a fix in #545, and added you as a co-author of the commit.
Thanks!
This issue has been locked since it has been closed for more than 14 days.
If you found a concrete bug or regression related to it, please open a new bug report with a reproduction against the latest Viem version. If you have any questions or comments you can create a new discussion thread.
Is there an existing issue for this?
Package Version
0.3.30
Current Behavior
Signature is invalid.
Expected Behavior
Signature is valid.
Steps To Reproduce
Connect Wallet via MetaMask
Sign message
Valid: Yes
Connect Hardware (I used Ledger) Wallet via Metamask
Sign message
Valid: No
Link to Minimal Reproducible Example (StackBlitz, CodeSandbox, GitHub repo etc.)
https://github.com/wyze/viem-verify-sign-issue
Anything else?
It works as expected when using a regular MetaMask wallet. When I try to sign a message using my Ledger via MetaMask, the signature comes back invalid.