I'm trying to wrap my head around how signing transactions actually works. As I understand ECDSA signatures roughly work like this: There is a magic function, let's call it sign
that takes two parameters. The private key
and the message
. It outputs the signature or in the case of web3.py or web3.js, three weird values v
, r
, and s
.
So when users sign a message they are basically signing a blob of data which is the message
value in the sign
function. Am I correct in this assumption?
So when users sign a message they are basically signing a blob of data which is the message value in the sign function. Am I correct in this assumption?
How can I access that data blob? Is it possible to get it from a public transaction via web3?
I found this article and there it says that the data hash that will be signed is created from rlp + hash
. Has anyone an idea what rpl
means or how to get the output hash with web3?
Best Answer
ECDSA works with numbers so to sign a message first you have to encode it as an number.
The precise meaning of RLP is defined in the Yellow Paper (Appendix B Recursive Length Prefix). It is a function that will encode something structured (a transaction for example) as a sequence of bytes. Given a transaction
Transaction
thenRLP(Transaction)
returns a sequence of bytes.Actually ECDSA numbers they also have to be in a range. To ensure the
RLP(Transaction)
is withing the correct ECDSA range we apply a hash function likeKECCAK256(RLP(Transaction))
.Also the exact details of the ECDSA signature are in the Yellow Paper (Appending F Signing Transactions).