Ethers.js – Troubleshooting Ethers.js Wrong Signature

ethers.jssecp256k1signature

From the same private key in ethers.js and secp256k1 I get the same eth address. But if I sign a message I get a different (wrong) signature in ethers.js. What is wrong with my code?

import { createKeyPair, sign } from '@erebos/secp256k1'
import { pubKeyToAddress } from '@erebos/keccak256'
import { ethers, Wallet } from 'ethers';

async function testsig(message){

// ethers:

var ethersprivateKey = '0x0123456789012345678901234567890123456789012345678901234567890123';

var etherswallet = new ethers.Wallet(ethersprivateKey);
console.log(etherswallet.address)
//0x14791697260E4c9A71f18484C9f997B308e59325

var s_ethers= await etherswallet.signMessage(message)
console.log( ethers.utils.arrayify(s_ethers) ) 
//int8Array(65) [166, 122, 63, 76, 122, 170, 175, 139, 106, 144, 156, 80, 245, 237, 145, 126, 24, 132, 20, 93, 157, 42, 208, 8, 158, 115, 23, 196, 253, 183, 157, 249, 8, 20, 82, 203, 147, 90, 139, 78, 10, 22, 10, 133, 199, 161, 228, 217, 234, 204, 197, 207, 9, 37, 149, 16, 151, 230, 159, 30, 25, 171, 24, 176, 27]




// secp256k1:

var secp256k1privateKey = '0123456789012345678901234567890123456789012345678901234567890123';

let secp256k1keyPair = createKeyPair(secp256k1privateKey);
const secp256k1user = pubKeyToAddress(secp256k1keyPair.getPublic('array'))
console.log(secp256k1user)
//0x14791697260e4c9a71f18484c9f997b308e59325


var s_secp256k1=sign(message, secp256k1keyPair)
console.log( s_secp256k1)
//(65) [93, 182, 197, 217, 33, 175, 143, 115, 43, 243, 207, 2, 160, 182, 26, 117, 218, 181, 239, 132, 22, 133, 182, 155, 86, 25, 151, 186, 76, 167, 48, 228, 23, 78, 253, 193, 86, 243, 164, 96, 149, 68, 209, 43, 122, 6, 186, 68, 147, 74, 110, 71, 175, 197, 222, 132, 208, 223, 168, 84, 46, 81, 141, 73, 1]
}
testsig("abc")

Best Answer

Ethers.js prefixes the signature with \x19Ethereum Signed Message:\n<message length> before signing it, and signs a hash of the message. This is equivalent to the personal_sign JSON-RPC method. To match the behaviour of Ethers.js with the secp256k1 library, you have to:

Get a hash of the message (e) using Keccak256(message).
Hash e, using Keccak256("\x19Ethereum Signed Message:\n32" + e). We can hardcode a length of 32 here, because Keccak-256 hashes are always 32 bytes (= 256 bits) long.
Sign the resulting hash with a private key.

The signature {r, s, v} should be a valid Ethereum signature, where r and s are the first 32 bytes and second 32 bytes respectively, and v is the last byte (also called recovery ID). Note that you may have to add 27 to the v parameter, to get a v of 27 or 28 (as used by Ethereum).

Related Solutions

[Ethereum] Truffle web3.eth.sign produces wrong signature

Apparently it's an issue with Truffle, see this issue here. More info here and here.

[Ethereum] Signing a request with a signature gives the wrong from address

You don't sign a request with a signature, you sign a transaction. You cannot generate generic signatures to be associated to transactions later on, you need to have access the complete object you want to sign - the raw transaction in your case - before the process works correctly.

Each library and wallet has its own signing implementation. With ethers.js in particular, you can use the Signer object to sign a transaction. From the [ethers.js official documentation][1]:

signer.signTransaction( transactionRequest ) ⇒ Promise< string< DataHexString > >

Returns a Promise which resolves to the signed transaction of the transactionRequest. This method does not populate any missing fields.

Sub-classes must implement this, however they may throw if signing a transaction is not supported, which is common for security reasons in many clients.

Signer usually refers to an external wallet - i.e MetaMask - not controlled by your ÐApp.

If instead you control the wallet with your app - so not a ÐApp anymore ;) - below some examples of signing transactions and messages with ethers.js and a wallet. You can find them inside the [Wallet official documentation][2] also:


    // Create a wallet instance from a mnemonic...
    mnemonic = "announce room limb pattern dry unit scale effort smooth jazz weasel alcohol"
    walletMnemonic = Wallet.fromMnemonic(mnemonic)
    
    // ...or from a private key
    walletPrivateKey = new Wallet(walletMnemonic.privateKey)
    
    walletMnemonic.address === walletPrivateKey.address
    // true
    
    // The address as a Promise per the Signer API
    walletMnemonic.getAddress()
    // { Promise: '0x71CB05EE1b1F506fF321Da3dac38f25c0c9ce6E1' }
    
    // A Wallet address is also available synchronously
    walletMnemonic.address
    // '0x71CB05EE1b1F506fF321Da3dac38f25c0c9ce6E1'
    
    // The internal cryptographic components
    walletMnemonic.privateKey
    // '0x1da6847600b0ee25e9ad9a52abbd786dd2502fa4005dd5af9310b7cc7a3b25db'
    walletMnemonic.publicKey
    // '0x04b9e72dfd423bcf95b3801ac93f4392be5ff22143f9980eb78b3a860c4843bfd04829ae61cdba4b3b1978ac5fc64f5cc2f4350e35a108a9c9a92a81200a60cd64'
    
    // The wallet mnemonic
    walletMnemonic.mnemonic
    // {
    //   locale: 'en',
    //   path: 'm/44\'/60\'/0\'/0/0',
    //   phrase: 'announce room limb pattern dry unit scale effort smooth jazz weasel alcohol'
    // }
    
    // Note: A wallet created with a private key does not
    //       have a mnemonic (the derivation prevents it)
    walletPrivateKey.mnemonic
    // null
    
    // Signing a message
    walletMnemonic.signMessage("Hello World")
    // { Promise: '0x14280e5885a19f60e536de50097e96e3738c7acae4e9e62d67272d794b8127d31c03d9cd59781d4ee31fb4e1b893bd9b020ec67dfa65cfb51e2bdadbb1de26d91c' }
    
    tx = {
      to: "0x8ba1f109551bD432803012645Ac136ddd64DBA72",
      value: utils.parseEther("1.0")
    }
    
    // Signing a transaction
    walletMnemonic.signTransaction(tx)
    // { Promise: '0xf865808080948ba1f109551bd432803012645ac136ddd64dba72880de0b6b3a7640000801ca0918e294306d177ab7bd664f5e141436563854ebe0a3e523b9690b4922bbb52b8a01181612cec9c431c4257a79b8c9f0c980a2c49bb5a0e6ac52949163eeb565dfc' }
    
    // The connect method returns a new instance of the
    // Wallet connected to a provider
    wallet = walletMnemonic.connect(provider)
    
    // Querying the network
    wallet.getBalance();
    // { Promise: { BigNumber: "42" } }
    wallet.getTransactionCount();
    // { Promise: 0 }
    
    // Sending ether
    wallet.sendTransaction(tx)

  [1]: https://docs.ethers.io/v5/api/signer/#Signer-signTransaction
  [2]: https://docs.ethers.io/v5/api/signer/#Wallet--methods

Best Answer

Related Solutions

[Ethereum] Truffle web3.eth.sign produces wrong signature

[Ethereum] Signing a request with a signature gives the wrong from address

Related Topic