Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Signed Message Hash not matching in web3py and solidity #1667

Closed
kuabhish opened this issue Jun 3, 2020 · 1 comment
Closed

Signed Message Hash not matching in web3py and solidity #1667

kuabhish opened this issue Jun 3, 2020 · 1 comment

Comments

@kuabhish
Copy link

kuabhish commented Jun 3, 2020
edited

  • Version: 5.10.0
  • Python: 3.7
  • OS: Ubuntu-18.04

Let's start with comparing results of solidity, web3py and web3js

Writing a signed message

  • in web3py
base_message = Web3.soliditySha3( [ 'address' , 'uint256' ] , 
                   [ Web3.toChecksumAddress("0x516510e3B61F3D425Fe5F52D7492E8950C8647D7") , 500])
message = encode_defunct(text=base_message.hex())
signed_message = w3.eth.account.sign_message(message, private_key=private_key)
base_message , signed_message.messageHash
# (HexBytes('0xbccf9f6664ef1f771e15d448d5cccf44e50b6c71a510dc2cb13935e316685e22'),
# HexBytes('0xbf8efb471491d386f2121dda534d499aa84043532aad52af5ee0deb6e74a7c86'))
  • in web3js
var base_message = "0x" + abi.soliditySHA3(
        ["address", "uint256"],
        ["0x516510e3B61F3D425Fe5F52D7492E8950C8647D7", 500]
    ).toString("hex");
var signature = web3.eth.accounts.sign( base_message , privateKey );

base_message , signature.messageHash
# 0xbccf9f6664ef1f771e15d448d5cccf44e50b6c71a510dc2cb13935e316685e22,
# 0x38f9b8b605686af16619c42841e230228373d357f7633f2c91bc9e99329f279a
  • in solidity
    bytes32 base_message = keccak256(abi.encodePacked(recipient , amount));
    function prefixed(bytes32 hash) public  returns (bytes32) {
        return keccak256(abi.encodePacked( "\x19Ethereum Signed Message:\n32" , hash ));
    }
base_message , message_hash
# 0xbccf9f6664ef1f771e15d448d5cccf44e50b6c71a510dc2cb13935e316685e22
# 0x38f9b8b605686af16619c42841e230228373d357f7633f2c91bc9e99329f279a

For python(web3py) I also tried using encode_intended_validator but that also didn't help me at the end. Problem was the same: message Hash was not matching.

Results

We can see here that the hashes of the web3py and solidity matches. Which I was trying, following what @carver suggested, because I want to recover the signer at the end. So, if the messagehash will match the correct signer we will get.
@carver
Copy link
Collaborator

carver commented Jun 4, 2020

message = encode_defunct(text=base_message.hex())

This is a bug. The code converts the message to a hex-encode string, and then asks encode_defunct() to interpret it as unicode text. Try leaving base_message as pure bytes and simply:

message = encode_defunct(base_message)
Which is equivalent to
message = encode_defunct(primitive=base_message)

See the full method docs at:
https://eth-account.readthedocs.io/en/stable/eth_account.html#eth_account.messages.encode_defunct

Closing issue as not a web3 bug.

@carver carver closed this as completed Jun 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@carver @kuabhish