fix: correct SIP-018 message format in acceptIncomingTransfer#9
Merged
obycode merged 1 commit intoobycode:mainfrom Mar 6, 2026
Merged
Conversation
obycode
approved these changes
Mar 6, 2026
Two bugs caused the agent to produce signatures incompatible with on-chain verification: 1. Message was nested (pipe-key as sub-object) with plain string values. The Clarity contract uses a flat merged tuple with typed uint/principal fields — matching what sip018_sign expects. 2. balance-1/balance-2 always used myBalance/theirBalance regardless of whether the local agent is principal-1 or principal-2. The contract's map-balances logic assigns balance-1 to principal-1's balance canonically, so we must resolve ordering from pipeKey before building the message. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
obycode
force-pushed
the
fix/sip018-signing-format
branch
from
82b0348 to
7d11d85
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Bug 1 — Wrong message structure:
acceptIncomingTransferwas building a nested message (pipe-key as sub-object) with plain string values. The Clarity contract'smake-structured-data-hashexpects a flat merged tuple with explicit Clarity type hints ({type: "uint", value: N}, etc.), which is whatsip018_signrequires.Bug 2 — Wrong balance ordering:
balance-1was always set tomyBalanceandbalance-2totheirBalance, regardless of which side the local agent is. The contract assignsbalance-1to principal-1's balance canonically (same ordering asmap-balances). Fix resolves ordering frompipeKey["principal-1"]before constructing the message.Impact
Without this fix, every signature produced by
acceptIncomingTransferwould fail on-chain verification — even if the counterparty's signature was valid — because the agent was signing a structurally different message than what the contract verifies.Test plan
acceptIncomingTransferwhere local agent is principal-2 — verifybalance-1usestheirBalance(principal-1's balance)verify-signatureon-chainnpm test)🤖 Generated with Claude Code