EIP-712: fix eth_signTypedData definition

The previous EIP text for `eth_signTypedData` seemed to describe the existing "Ethereum signed message" flows, without any relation to typed data. The new definition is consistent with what's actually implemented by (e.g.) [the Ethers signer][1] and [the OpenZeppelin validator][2], as well as with the start of the "Specification" section of this EIP. [1]: https://github.com/ethers-io/ethers.js/blob/ce8f1e4015c0f27bf178238770b1325136e3351a/packages/hash/src.ts/typed-data.ts#L392-L398 [2]: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/1b27c13096d6e4389d62e7b0766a1db53fbb3f1b/contracts/utils/cryptography/ECDSA.sol#L216-L218 wchargin-branch: eip-712-eth-signtypeddata wchargin-source: 9ad388c38b6b02da91d47e84e53284dadf4fe75b
ethereum · Aug 14, 2022 · 6fe3596 · 6fe3596
1 parent 86417d8
commit 6fe3596
Showing 1 changed file with 1 addition and 3 deletions.
diff --git a/EIPS/eip-712.md b/EIPS/eip-712.md
@@ -165,9 +165,7 @@ The method `eth_signTypedData` is added to the Ethereum JSON-RPC. The method par
 
 #### eth_signTypedData
 
-The sign method calculates an Ethereum specific signature with: `sign(keccak256("\x19Ethereum Signed Message:\n" + len(message) + message)))`.
-
-By adding a prefix to the message makes the calculated signature recognisable as an Ethereum specific signature. This prevents misuse where a malicious DApp can sign arbitrary data (e.g. transaction) and use the signature to impersonate the victim.
+The sign method calculates an Ethereum specific signature with: `sign(keccak256("\x19\x01" + domainSeparator + structHash))`, as defined in the "Specification" section above.
 
 **Note**: the address to sign with must be unlocked.