Bug in tronapi.trx.Trx.verify_message/sign.

[oldnote]

Code example

TRON_SETTINGS = {
    'full_node': 'https://api.shasta.trongrid.io',
    'solidity_node': 'https://api.shasta.trongrid.io',
    'event_server': 'https://api.shasta.trongrid.io',
}

tron = tronapi.Tron(**TRON_SETTINGS)

account = tron.create_account  # XXX: create_account is property.
tron.private_key = account.private_key
tron.default_address = account.address.base58

message = tron.toHex(text='hello')
signed = tron.trx.sign(message)

tron.trx.verify_message(message, signed)

Result is always ValueError: Signature does not match.

I've inspected tronapi.trx.Trx.sign and tronapi.trx.Trx.verify_message and found that they have different code for header definition:

tronapi.trx.Trx.sign

            # Determine which header to attach to the message
            # before encrypting or decrypting
            header = TRX_MESSAGE_HEADER if use_tron else ETH_MESSAGE_HEADER
            header += str(len(transaction))

            message_hash = self.tron.keccak(text=header+transaction)

tronapi.trx.Trx.verify_message

        # Determine which header to attach to the message
        # before encrypting or decrypting
        header = TRX_MESSAGE_HEADER if use_tron else ETH_MESSAGE_HEADER

        message_hash = self.tron.keccak(text=header+message)

Adding header += str(len(message)) string into tronapi.trx.Trx.verify_message fixes the problem.

[serderovsh]

f001328

[oldnote]

@serderovsh add new tag please, i can't install version with changes.

[birdonwheels5]

@Anon731 Can you please provide a complete working code sample with the added header? I'm trying to use your suggestion but not having much luck.

Edit: I ended up using the NodeJS API to correctly match the signature generated with the clientside tronweb API. The python API really shouldn't be doing this differently.