From cd3a2de29110f849a9f4ad1929c7bc510fc0249b Mon Sep 17 00:00:00 2001 From: Neal Xu Date: Tue, 26 Mar 2024 11:08:44 +0800 Subject: [PATCH] revert: eth_sign sign hashed message (#82) * Revert "fix: eth_sign is signing arbitrary data (#78)" This reverts commit 938b4ab5dcb9f709def8d4ad331f9bd18d6d9513. * fix: eth_sign cannot sign string begin with 0x --- token-core/tcx-common/src/util.rs | 7 ++++- token-core/tcx-eth/src/signer.rs | 52 ++++++++++++++++++++++++++----- token-core/tcx/tests/sign_test.rs | 32 ------------------- 3 files changed, 50 insertions(+), 41 deletions(-) diff --git a/token-core/tcx-common/src/util.rs b/token-core/tcx-common/src/util.rs index 87844c7d..ddc9fb75 100644 --- a/token-core/tcx-common/src/util.rs +++ b/token-core/tcx-common/src/util.rs @@ -3,7 +3,12 @@ use crate::Result; pub fn utf8_or_hex_to_bytes(value: &str) -> Result> { if value.to_lowercase().starts_with("0x") { - FromHex::from_0x_hex(value) + let ret = FromHex::from_0x_hex(value); + if ret.is_err() { + Ok(value.as_bytes().to_vec()) + } else { + ret + } } else { Ok(value.as_bytes().to_vec()) } diff --git a/token-core/tcx-eth/src/signer.rs b/token-core/tcx-eth/src/signer.rs index 17487e08..3a975c86 100644 --- a/token-core/tcx-eth/src/signer.rs +++ b/token-core/tcx-eth/src/signer.rs @@ -112,11 +112,7 @@ impl EthMessageInput { if self.signature_type == SignatureType::PersonalSign as i32 { Ok(hash_message(&message)) } else { - // Note: ec sign is signing arbitrary data - // ref: https://support.metamask.io/hc/en-us/articles/14764161421467-What-is-eth-sign-and-why-is-it-a-risk - let mut buffer: [u8; 32] = [0; 32]; - buffer.copy_from_slice(&message); - Ok(buffer) + Ok(keccak256(&message)) } } } @@ -670,8 +666,7 @@ mod test { #[test] fn test_ec_sign() { let message = EthMessageInput { - message: "0x879a053d4800c6354e76c7985a865d2922c82fb5b3f4577b2fe08b998954f2e0" - .to_string(), + message: "Hello imToken".to_string(), signature_type: SignatureType::EcSign as i32, }; let mut keystore = @@ -686,7 +681,48 @@ mod test { let sign_output = keystore.sign_message(¶ms, &message).unwrap(); assert_eq!( sign_output.signature, - "0xe391521758b55824691588821ca425900c7dd3ad1219179637d8df6db5353dcb04fc518a62a83b7293738d7cf9d37f2cc57009324d95e52df0aaeeda2c3092761b" + "0x648081bc111e6116769bdb4396eebe17f58d3eddc0aeb04a868990deac9dfa2f322514a380fa66e0e864faaac6ef936092cdc022f5fd7d61cb501193ede537b31b" + ); + let message = EthMessageInput { + message: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa".to_string(), + signature_type: SignatureType::EcSign as i32, + }; + let sign_output = keystore.sign_message(¶ms, &message).unwrap(); + assert_eq!( + sign_output.signature, + "0x65e4952899a8dcadf3a65a11bdac0f0cfdf93e0bae5c67674c78a72631de524d3cafe27ea71c86aa3fd838c6a50a0b09d6ece85a6dcf3ce85c30fdc51380ebdf1b" + ); + + let message = EthMessageInput { + message: "0000000000000000".to_string(), + signature_type: SignatureType::EcSign as i32, + }; + let sign_output = keystore.sign_message(¶ms, &message).unwrap(); + assert_eq!( + sign_output.signature, + "0xf85b21d47d4a828b0829bd3d0b7dbd19cb7fb8d75c24d03f424beddb38d6eb2456f3f438b18453826ce9eaf4b887a2e899e63e73c265dcd8ae0bc507184590a51c" + ); + + let message = EthMessageInput { + message: "0x0000000000000000".to_string(), + signature_type: SignatureType::EcSign as i32, + }; + let sign_output = keystore.sign_message(¶ms, &message).unwrap(); + assert_eq!( + sign_output.signature, + "0xb35fe7d2e45098ef21264bc08d0c252a4a7b29f8a24ff25252e0f0c5b38e0ef0776bd12c9595353bdd4a118f8117182d543fa8f25d64a121c03c71f3a4e81b651b" + ); + + let message = EthMessageInput { + message: + "0x81f26727a6b5478D25bb4524AdeAeE11eC36633ce09d21e3-533d-447c-a185-8b148fb5b568" + .to_string(), + signature_type: SignatureType::EcSign as i32, + }; + let sign_output = keystore.sign_message(¶ms, &message).unwrap(); + assert_eq!( + sign_output.signature, + "0x19a39d2da6c7c8abc8babd6dbb9063f30273e3babf819e786f4ae14509cc7a017d08e7ae63b50925ba71dbdaaf9e9db417b97eab2199e3b91fae86493a51229b1c" ); } diff --git a/token-core/tcx/tests/sign_test.rs b/token-core/tcx/tests/sign_test.rs index 142e594e..c1d57abf 100644 --- a/token-core/tcx/tests/sign_test.rs +++ b/token-core/tcx/tests/sign_test.rs @@ -1056,38 +1056,6 @@ pub fn test_sign_ethereum_sign_message() { }) } -#[test] -#[serial] -pub fn test_sign_ethereum_ec_sign() { - run_test(|| { - let wallet = import_default_wallet(); - - let eth_tx_input = EthMessageInput { - message: "0x879a053d4800c6354e76c7985a865d2922c82fb5b3f4577b2fe08b998954f2e0" - .to_string(), - signature_type: 1i32, - }; - let input_value = encode_message(eth_tx_input).unwrap(); - let param = SignParam { - id: wallet.id.to_string(), - chain_type: "ETHEREUM".to_string(), - path: "m/44'/60'/0'/0/0".to_string(), - curve: "secp256k1".to_string(), - network: "".to_string(), - seg_wit: "".to_string(), - input: Some(::prost_types::Any { - type_url: "imtoken".to_string(), - value: input_value, - }), - key: Some(sign_param::Key::Password(sample_key::PASSWORD.to_string())), - }; - let ret = call_api("sign_msg", param).unwrap(); - let output: EthMessageOutput = EthMessageOutput::decode(ret.as_slice()).unwrap(); - - assert_eq!(output.signature, "0x75fbe836882b653ee7c01d334a08c13343580104f8e964276d009041125b2aaa5704c25efcf37d4c4153b3047f305547a7e8886f655eefd1de7db2897200d49d1b"); - }) -} - #[test] #[serial] pub fn test_sign_bls_to_execution_change() {