Implement signing data with intended validator as part of EIP 191

[Bhargavasomu]

What was wrong?

EIP 191 needs to be implemented as part of ethereum/web3.py#1241

How was it fixed?

• Personal Sign was already implemented.
• Support was added for signature version 0x00 (Signing Data with intended validator) by making defunct_hash_message take the signature_version and the version_specific_data as arguments. Then the signature_wrapper function was modified to add support to these signature versions.

Cute Animal Picture

[Bhargavasomu]

@pipermerriam could you please review? Thankyou.

[Bhargavasomu]

@kclowes I have a few doubts regarding this signing procedure. This PR aims to support the new signing mechanism as per EIP 191. But my major doubts are the following

• During the whole lifecycle of the message which one signs, where is it being verified? (Could you please link me the code if we have it in web3.py)
• Further even if it verified somewhere, where is the message being extracted properly? (Like from b'\x19Ethereum Signed Message:\n' where are we extracting the part and showing it to the user?) Because I hoped that this would be happening in web3.py, but I couldn't find it anywhere in my searches.

Could you please give me clarity on the above questions, so that I could do better testing with this signing mechanism? Thankyou.

/cc @pipermerriam

[Bhargavasomu]

@pipermerriam @kclowes, please correct me if my below stated claims are wrong anywhere.

• I believe that the verification of the signature is done through recoverHash and recoverTransaction methods
• Further I believe that the Exact Message extraction from the encoded message, is NOT needed anywhere throughout the process. For example, it is not needed to get the <msg> part from b'\x19Ethereum Signed Message:\n<msg>' anywhere throughout the lifecycle of the message.

The above claims of mine are based on the following reasons and scenario.
IIUC below is the workflow, intended for web3 or Metamask.

Note: In the below description, 3rd party also includes Smart Contract.

1. A 3rd party, requests something (like a transaction) from the user.
2. The 3rd party first encodes the message using web3.py as per EIP191 (or) EIP712 (Depends on what he chooses) and then hashes the message. This step is combined in the defunct_hash_message function.
3. That 3rd party sends the hash of the message (instead of direct message, for security reasons) to the user from which it is requesting, to sign the hash of the message.
4. The user uses web3.py to sign this hashed message using his/her public key (web3.eth.accounts.sign I guess, maybe wrong) and sends it to the 3rd party.
5. The 3rd party uses the recoverHash or recoverTransaction functions using the signature of the user to get the Account Address and verify that this address is indeed what they are looking for.
6. So in any of the above steps, the Exact Message is not needed to be decrypted or extracted from.

Requests and Confirmations

1. Based on above explanation, I don't see why web3.py has to be changed with respect to implementation of EIP191 or EIP712. In other words, web3.py should automatically reflect the EIP191 and EIP712 standard, with the changes made only in this repository (and not in web3.py).
2. That said, I think this PR is valid. Could you please give this a review? Thankyou.

[kclowes]

@Bhargavasomu sorry it has taken me so long to respond! I should have some time tomorrow and I'll definitely have time on Wednesday to review.

[kclowes]

@Bhargavasomu I need a little more time to wrap my head around the PR. I hope I'll be able to get you some feedback/answers to questions tomorrow!

[kclowes]

• Based on above explanation, I don't see why web3.py has to be changed with respect to implementation of EIP191 or EIP712. In other words, web3.py should automatically reflect the EIP191 and EIP712 standard, with the changes made only in this repository (and not in web3.py).

Yes, I think that's correct!

[kclowes]

This is looking good, @Bhargavasomu! I left a few comments, mostly about wording. I also didn't see that this was just the implementation for EIP 191 at first so I left some comments about EIP 712. We can disregard the EIP 712 comments for now and take into account in the next PR.

[Bhargavasomu]

@kclowes done! Please review whenever you have time. Thankyou.

[kclowes]

Looks good @Bhargavasomu!

My comments are mostly nitpicky comments on the docstring.

Can we add some more tests to make sure the signature version b'\x00' runs like we'd expect? I'd like to see a test for each type of message (text, bytestring, and hexstr) and a test to make sure that the TypeError gets raised if the address is different than 20 bytes long. Then I think we'll be good to merge! Thank you!

[Bhargavasomu]

@kclowes @pipermerriam could you please check if the docs are right now? I still haven't added the tests, but will add them in a while.

[Bhargavasomu]

@kclowes I have added the new tests also. Please have a look and let me know. Thankyou!

[kclowes]

@Bhargavasomu I just left a few style nitpicks. Feel free to take or leave them. This is looking good!

[Bhargavasomu]

@kclowes done, review please.

[kclowes]

Looks good to me! Thanks @Bhargavasomu!

[Bhargavasomu]

@pipermerriam done. Please review again. Thankyou.

[pipermerriam]

@Bhargavasomu can you build the docs locally and verify this renders correctly. I'm thinking there's some whitespace needed here but not sure exactly where and how much.

[Bhargavasomu]

@pipermerriam I have fixed the docs, and the output is as follows.

[Bhargavasomu]

@pipermerriam ready for another round of review. Thankyou.