You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
Currently calling eth_sign will sign the raw message hash provided in this call (which seems to be expected when looking at comments and #1930). According to https://eth.wiki/json-rpc/API#eth_sign this method should return a signature based on the prefixed message hash.
This also leads to inconsistencies when a hardware wallet is connected (e.g. Trezor see Legacy and Model T) as they add the prefix.
Edit:
The method with the expected behaviour is personal_sign ... I just find it very confusing that MetaMask is not following the common behaviour here to use this for eth_sign
The text was updated successfully, but these errors were encountered:
MetaMask implemented eth_sign back before it had a prefix, when this behavior was the most widely used behavior. Geth then decided to add the prefix out of security concerns, but we already had applications relying on our behavior, so we did not have the luxury of changing the behavior of our existing methods.
Rather than remove the method for security concerns, we added a strong warning for usage, and this has seemed to mitigate dangers to users, as it makes users appropriately skeptical of any such signature they approve.
Describe the bug
Currently calling
eth_sign
will sign the raw message hash provided in this call (which seems to be expected when looking at comments and #1930). According to https://eth.wiki/json-rpc/API#eth_sign this method should return a signature based on the prefixed message hash.This also leads to inconsistencies when a hardware wallet is connected (e.g. Trezor see Legacy and Model T) as they add the prefix.
Steps to reproduce (REQUIRED)
eth_sign
with a message hashExpected behavior
Edit:
The method with the expected behaviour is
personal_sign
... I just find it very confusing that MetaMask is not following the common behaviour here to use this foreth_sign
The text was updated successfully, but these errors were encountered: