MetaMask – Authenticating with an Ethereum Account through personalSign

authenticationmetamasksignatureweb3-providers

I want to authenticate a user using her Ethereum account. There are several demos and tutorials available, for example Amaury's which uses, however, the deprecated web3 API:

web3.personal.sign(web3.fromUtf8("Hello from Toptal!"), web3.eth.coinbase, console.log);

MetaMask no longer injects web3. For details, see: https://docs.metamask.io/guide/provider-migration.html#replacing-window-web3

Uncaught TypeError: web3.personal is undefined

I'm using the new window.ethereum directly, which works well to connect to a wallet provider and retrieve accounts, e.g.:

const accounts = await ethereum.request({ method: 'eth_requestAccounts' });

However, it does not really expose eth_personalSign as suggested in the MetaMask docs:

eth_sendTransaction

eth_sign (insecure and unadvised to use)

eth_personalSign

eth_signTypedData

const sig = await ethereum.request({ method: 'eth_personalSign', params: ['0x0', 'foo'] });

MetaMask – RPC Error: The method 'eth_personalSign' does not exist / is not available.

How to authenticate with an Ethereum account through personalSign?

I experimented with eth_sign instead, which at least goes through to the web3 provider and allows me to sign a message in MetaMask. But it is cumbersome to handle and does only return a forever pending promise…

Best Answer

It's personal_sign now, not eth_personalSign. It has always been personal_sign, it's probably just a typo in the Metamask docs.

const message = "Hello from Ethereum Stack Exchange!";
const accounts = await ethereum.request({ method: 'eth_requestAccounts' });
const account = accounts[0];
const signature = await ethereum.request({ method: 'personal_sign', params: [ message, account ] });

Related Solutions

Ethereum Authentication – Authentication Using Ethereum Account

Despite Metamask seems to complicate the process to you, if you give it a try you'll find that in reality it simplifies it for both users ( until some point ) and developpers.

To introduce a bit the topic just know that i've been on the same way as you and am developping a prototype of dApp through Angular 5, Web3js and truffle. The main idea was to have a full decentralized back-end for my prototype, which means that aside of distributing the front-end, http server wouldn't do anything else, all the back-end logic going to the ethereum network.

As i digged into Solidity i discoverd how little i knew despite reading hundreds of topics about dApp development.

I began using the Web3 object provided by Metamask in order to be able to implement my first features faster.

I had prepared a section of my Application in order to handle v3 Keystores like the one generated actually by MyEtherWallet in order to get indepedence of Metamask if user wanted to.

Whilst i achieved thanks to v1.0.0 of Web3 to decrypt the keystore file with the password i got stuck when it had to come to send signed transactions without metamask.

Below a few points about what are the complications about getting rid of Metamask :

You'll have to generate signature for every transaction your user will want.
In order to give user some control over its transaction you'll have to implement a modal or a panel that will ask user to confirm every transaction that requires gas, otherwise it will mean that your can spend user's funds as you want, imagining you store the decrypted wallet.
You won't be able to use Web3 for signing your transactions and will have to rely on others libraries such as ethereumjs-tx.
You will have to create your own accounts manager to be able to switch easily from an account to another

About last points note that using metamask in coordination with web3 you wont have to care much about those things as you'll just have to load the ABIs of your contracts and call the methods or events you want. When needing to spend gas Metamask will automatically catch the transaction request and ask confirmation. Switching accounts will take only a few seconds.

I know that this whole text doesn't provide the solution you would like but as you seem to be new, in order to be able to dig a bit without getting stuck and frustrated in complex processes and in order to dig progressively in this complexity i thought it would be a good thing to relate you how i went there and why Metamask is an affordable solution for developping first tests and prototypes.

Good luck

EDIT (on demand for code) :

You can find a starter-pack of a small dApp here The dApp shows how to detect Metamask ( which injects a Web3 Object in the window DOM Object ) and how to make small transaction.

I made a few months ago a small commented snippet on how to call method of a Contract for which we know the ABI. You'll find it here

Hope it helps !

MetaMask Security – Evaluating Secure Models for Authenticating Users with MetaMask

The flow presented by Metamask deals with authentication and does not deal with DoS issues or other security matters.

It is considered a secure way of authentication, because the wallet uses the private key (SK) to sign the message, which can be later verified by the backend. Verification is done by computing (recovering) the public key from the signature.

Let's take a look at ethers.js signing implementation -

    async signMessage(message: Bytes | string): Promise<string> {
        return joinSignature(this._signingKey().signDigest(hashMessage(message)));
    }

    signDigest(digest: BytesLike): Signature {
        const keyPair = getCurve().keyFromPrivate(arrayify(this.privateKey));
        const digestBytes = arrayify(digest);
        if (digestBytes.length !== 32) {
            logger.throwArgumentError("bad digest length", "digest", digest);
        }
        const signature = keyPair.sign(digestBytes, { canonical: true });
        return splitSignature({
            recoveryParam: signature.recoveryParam,
            r: hexZeroPad("0x" + signature.r.toString(16), 32),
            s: hexZeroPad("0x" + signature.s.toString(16), 32),
        })
    }

and verification of a message authenticity is done by computing the public key from its given signature -

export function verifyMessage(message: Bytes | string, signature: SignatureLike): string {
    return recoverAddress(hashMessage(message), signature);
}

export function recoverAddress(digest: BytesLike, signature: SignatureLike): string {
    return computeAddress(recoverPublicKey(arrayify(digest), signature));
}

export function recoverPublicKey(digest: BytesLike, signature: SignatureLike): string {
    const sig = splitSignature(signature);
    const rs = { r: arrayify(sig.r), s: arrayify(sig.s) };
    return "0x" + getCurve().recoverPubKey(arrayify(digest), rs, sig.recoveryParam).encode("hex", false);
}

In this answer, the author explains the process of digital signature and why you need to know the private key in order to produce the signature, and in his more detailed answer he explains the formulas that uses the SK d to sign, which is then verified against the PK (𝑛,𝑒).

Auth flow presented above is such -

The backend decides upon a nonce and sends to frontend;
Frontend signs the nonce using its private key;
Backend recovers the public key from signature, compares signed payload to given nonce (see recoverPublicKey input args);
If recovered public key equals the expected user wallet, authentication is approved.

Best Answer

Related Solutions

Ethereum Authentication – Authentication Using Ethereum Account

MetaMask Security – Evaluating Secure Models for Authenticating Users with MetaMask

Related Topic