Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SIP describing Stacks message signing #90

Open
kyranjamie opened this issue Oct 6, 2022 · 6 comments
Open

SIP describing Stacks message signing #90

kyranjamie opened this issue Oct 6, 2022 · 6 comments

Comments

@kyranjamie
Copy link

kyranjamie commented Oct 6, 2022
edited
Loading

No SIP exists describing how arbitrary messages are signed.

Specifics such as what the prefix is, and what encoding is used should be described. EIP-712, for example, has an arbitrary message section.

The current prefix follows the same format as EIP-712, with Stacks in place of Ethereum.

"\x17Stacks Signed Message:\n" ‖ len(message) ‖ message

The need for this SIP comes from issues that've arisen migrating to a single prefix: See hirosystems/stacks.js#1328.

In migrating to a new prefix, some apps have seen breaking changes. Were this described in a SIP, a more structured, community-driven approach to changes would've been required.

cc/ @friedger @markmhx @MarvinJanssen @pradel @Hero-Gamer
@kyranjamie kyranjamie changed the title SIP describing Stacks Message Signing SIP describing Stacks message signing Oct 6, 2022
@MarvinJanssen
Copy link
Collaborator

Is there a reason this method is preferred over using SIP018 with a string-ascii type? The SIP018 document describes some potential issues with "non-structured messages". For example, potential replayability issues depending on how the app dev formats the message, as well as the ability for wallet software to display sign in (and future) message types more nicely. Since some apps are broken right now due to the recent change, I would suggest them to simply move to SIP018 since it is implemented and shows the app name and version.

Nonetheless, at Ryder have not implemented non-structured signing due to there not being a standard yet. If it were adopted as a SIP it be safer for devs to rely on the functionality.

@Hero-Gamer Hero-Gamer mentioned this issue Oct 10, 2022
Open
@Hero-Gamer
Copy link
Contributor

From my understanding from the last SIP call when this item was discussed Friedger and Jude were present, the conclusion on the I believe was to just for this to be part of SIP-018. Will let the others confirm this.

@Hero-Gamer
Copy link
Contributor

Hi @kyranjamie @MarvinJanssen since SIP-018 will activate with SIP-015 (provided Stacks 2.1 vote will be a pass), do you guys need to make any amends to SIP-018 based on this above conversation?

@kyranjamie
Copy link
Author

I made this issue to note that there's no SIP covering this functionality, that's currently supported by the Hiro Wallet and Ledger Stacks app.

I'm no advocate for it, though. @MarvinJanssen's right that developers should favour SIP-018 going forward. Perhaps this functionality is better considered non-standard, not covered by a SIP, and eventually deprecated—that's up to Stacks app developers/community.

I don't believe any action is necessary relating to upcoming SIP activations.

@Hero-Gamer
Copy link
Contributor

Understood. Thank you Kyran for bringing this to people's awareness!

@MarvinJanssen
Copy link
Collaborator

@Hero-Gamer it also does not make sense to me to include it in SIP018 as the message signing described in the OP is quite different.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kyranjamie @MarvinJanssen @Hero-Gamer