-
Notifications
You must be signed in to change notification settings - Fork 5.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update EIP-712: Fix eth_signTypedData
definition
#5457
Update EIP-712: Fix eth_signTypedData
definition
#5457
Conversation
The previous EIP text for `eth_signTypedData` seemed to describe the existing "Ethereum signed message" flows, without any relation to typed data. The new definition is consistent with what's actually implemented by (e.g.) [the Ethers signer][1] and [the OpenZeppelin validator][2], as well as with the start of the "Specification" section of this EIP. [1]: https://github.com/ethers-io/ethers.js/blob/ce8f1e4015c0f27bf178238770b1325136e3351a/packages/hash/src.ts/typed-data.ts#L392-L398 [2]: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/1b27c13096d6e4389d62e7b0766a1db53fbb3f1b/contracts/utils/cryptography/ECDSA.sol#L216-L218 wchargin-branch: eip-712-eth-signtypeddata wchargin-source: 9ad388c38b6b02da91d47e84e53284dadf4fe75b
File
|
This makes a change to a final EIP. The implementations will need to be changed. |
I believe that this patch updates the text to match the implementations I guess I don't really understand what it would mean for the In addition to Ethers and OpenZeppelin (as listed above), other
(For what it's worth, I also did raise this before the EIP was |
Yes, but that isn't allowed to a final EIP. I personally am okay with this change, but other editors may disagree. |
Thank you @wchargin for this update. I was against the 712 to go final at the current snapshot. but since it is now |
I feel like I should make a bot that adds a comment on every PR that moves an EIP to final that the entire EIP must be proofread. It seems obvious to me, but here we are... |
IMO pure editorial change that improves readability shall be allowed, but breaking change of the specificiation are not allowed for final. If an EIP intends to be a standard/protocol/interface, the behaviors mandated by spec shall not change after becoming FINAL. For example, if the original spec is interface {
function transfer(uint256 id);
} This change shall be allowed after an EIP becomes FINAL: interface {
function transfer(uint256 tokenId);
} This change IMO shall NOT be allowed after an EIP becomes FINAL: interface {
function transferToken(uint256 id);
} This is because the former is compatible with original. The latter is not. In this particular PR addressing EIP-712, it is updating the msg digest being hashed, can and will change signature. Therefore it's not compatible with the FINAL version of 712. Unfortunately IMO it shall not be allowed for updating 712 spec in this way. |
My understanding is that as written, the EIP is literally incorrect and includes inaccurate information, and that this pull request fixes that, so that the EIP will correctly describe the real behavior of all compliant implementations. Can we agree that the top priority should be that the EIP is an accurate reference? Maybe original authors (@recmo @LogvinovLeon @dekz) can comment? |
It is not uncommon that early adoptors of EIP drafts have been using outdated behaviors or made their local design choices. Let's let original authors respond. I think the more accurate way to say is current 712 snapshot has not yet eliminated all ambiguity and ethers and open-zeppelin have adopted non-standard approach. |
I guess one could also do the "SHOULD" and "SHOULD NOT" trick to correct EIPs. - MUST do X
+ SHOULD do Y
+ SHOULD NOT do X Technically this isn't backwards incompatible. |
I believe it would cause backward incompatiblility in some case. Suppose the following change was proposal for the final EIP-X: - MUST implement `iterate(uint)`
+ SHOULD implement `iterate(uint)` A client assuming the smart contract is EIP-X final version will assume per https://www.rfc-editor.org/rfc/rfc2119
|
I guess I didn't think about that particular case. You are correct there. As written, however, this doesn't make any sense since it references a nonexistent variable. Therefore, since there are no applications that can correctly parse this, there is no backward compatibility issue there since there is nothing that was previously compatible. |
I don't know if we are referring to the same aspect of this PR. I am referring to this part - The sign method calculates an Ethereum specific signature with: `sign(keccak256("\x19Ethereum Signed Message:\n" + len(message) + message)))`.
+ The sign method calculates an Ethereum specific signature with: `sign(keccak256("\x19\x01" + domainSeparator + structHash))`, as defined in the "Specification" section above. The particular When you say "nonexistent variable", which nonexistent variable do you refer to? |
|
Here is what caused me to think In the spec section:
If the rationale for accepting this PR is due to |
I agree that the first line defines As @xinbenlv mentioned in discord, there appear to be two specification sections? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is pretty clearly a copy-paste error from eth_sign
's API documentation. No one has implemented eth_signTypedData
as an alias for eth_sign
.
EIPS/eip-712.md
Outdated
The sign method calculates an Ethereum specific signature with: `sign(keccak256("\x19Ethereum Signed Message:\n" + len(message) + message)))`. | ||
|
||
By adding a prefix to the message makes the calculated signature recognisable as an Ethereum specific signature. This prevents misuse where a malicious DApp can sign arbitrary data (e.g. transaction) and use the signature to impersonate the victim. | ||
The sign method calculates an Ethereum specific signature with: `sign(keccak256("\x19\x01" + domainSeparator + structHash))`, as defined in the "Specification" section above. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The rest of the document uses ‖
for concatenation:
The sign method calculates an Ethereum specific signature with: `sign(keccak256("\x19\x01" + domainSeparator + structHash))`, as defined in the "Specification" section above. | |
The sign method calculates an Ethereum specific signature with: `sign(keccak256("\x19\x01" ‖ domainSeparator ‖ structHash))`, as defined above. |
wchargin-branch: eip-712-eth-signtypeddata wchargin-source: 49356fd9c5cce4159bff3395bb558ed5792f77f9
@SamWilsn: Exactly; thank you. Switched to |
I would prefer if you also removed the first Specification section. |
@SamWilsn @lightclient @axic @gcolvin are we okay with manually merging this? |
There has been no activity on this pull request for 2 weeks. It will be closed after 3 months of inactivity. If you would like to move this PR forward, please respond to any outstanding feedback or add a comment indicating that you have addressed all required feedback and are ready for a review. |
Dismiss stale bot. |
There has been no activity on this pull request for 2 weeks. It will be closed after 3 months of inactivity. If you would like to move this PR forward, please respond to any outstanding feedback or add a comment indicating that you have addressed all required feedback and are ready for a review. |
Dismissing stale bot. |
The commit 75be219 (as a parent of 050d24f) contains errors. |
@eth-bot rerun |
* EIP-712: fix `eth_signTypedData` definition The previous EIP text for `eth_signTypedData` seemed to describe the existing "Ethereum signed message" flows, without any relation to typed data. The new definition is consistent with what's actually implemented by (e.g.) [the Ethers signer][1] and [the OpenZeppelin validator][2], as well as with the start of the "Specification" section of this EIP. [1]: https://github.com/ethers-io/ethers.js/blob/ce8f1e4015c0f27bf178238770b1325136e3351a/packages/hash/src.ts/typed-data.ts#L392-L398 [2]: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/1b27c13096d6e4389d62e7b0766a1db53fbb3f1b/contracts/utils/cryptography/ECDSA.sol#L216-L218 wchargin-branch: eip-712-eth-signtypeddata wchargin-source: 9ad388c38b6b02da91d47e84e53284dadf4fe75b * [eip-712-eth-signtypeddata: update syntax and verbiage slightly] wchargin-branch: eip-712-eth-signtypeddata wchargin-source: 49356fd9c5cce4159bff3395bb558ed5792f77f9 * Remove the correct stuff * Fix another issue * Never mind, this looks correct --------- Co-authored-by: Pandapip1 <45835846+Pandapip1@users.noreply.github.com>
* EIP-712: fix `eth_signTypedData` definition The previous EIP text for `eth_signTypedData` seemed to describe the existing "Ethereum signed message" flows, without any relation to typed data. The new definition is consistent with what's actually implemented by (e.g.) [the Ethers signer][1] and [the OpenZeppelin validator][2], as well as with the start of the "Specification" section of this EIP. [1]: https://github.com/ethers-io/ethers.js/blob/ce8f1e4015c0f27bf178238770b1325136e3351a/packages/hash/src.ts/typed-data.ts#L392-L398 [2]: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/1b27c13096d6e4389d62e7b0766a1db53fbb3f1b/contracts/utils/cryptography/ECDSA.sol#L216-L218 wchargin-branch: eip-712-eth-signtypeddata wchargin-source: 9ad388c38b6b02da91d47e84e53284dadf4fe75b * [eip-712-eth-signtypeddata: update syntax and verbiage slightly] wchargin-branch: eip-712-eth-signtypeddata wchargin-source: 49356fd9c5cce4159bff3395bb558ed5792f77f9 * Remove the correct stuff * Fix another issue * Never mind, this looks correct --------- Co-authored-by: Pandapip1 <45835846+Pandapip1@users.noreply.github.com>
* EIP-712: fix `eth_signTypedData` definition The previous EIP text for `eth_signTypedData` seemed to describe the existing "Ethereum signed message" flows, without any relation to typed data. The new definition is consistent with what's actually implemented by (e.g.) [the Ethers signer][1] and [the OpenZeppelin validator][2], as well as with the start of the "Specification" section of this EIP. [1]: https://github.com/ethers-io/ethers.js/blob/ce8f1e4015c0f27bf178238770b1325136e3351a/packages/hash/src.ts/typed-data.ts#L392-L398 [2]: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/1b27c13096d6e4389d62e7b0766a1db53fbb3f1b/contracts/utils/cryptography/ECDSA.sol#L216-L218 wchargin-branch: eip-712-eth-signtypeddata wchargin-source: 9ad388c38b6b02da91d47e84e53284dadf4fe75b * [eip-712-eth-signtypeddata: update syntax and verbiage slightly] wchargin-branch: eip-712-eth-signtypeddata wchargin-source: 49356fd9c5cce4159bff3395bb558ed5792f77f9 * Remove the correct stuff * Fix another issue * Never mind, this looks correct --------- Co-authored-by: Pandapip1 <45835846+Pandapip1@users.noreply.github.com>
The previous EIP text for
eth_signTypedData
seemed to describe theexisting "Ethereum signed message" flows, without any relation to typed
data. The new definition is consistent with what's actually implemented
by (e.g.) the Ethers signer and the OpenZeppelin validator, as
well as with the start of the "Specification" section of this EIP.
wchargin-branch: eip-712-eth-signtypeddata