Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

wallet.address is not the address used to sign the message

See original GitHub issue

Here is the code to use wallet to sign message and have the signature verified:

  let privateKey = "0x8d8073c48cd4ba11c9d659dcb31f3523d13874b7b3d6d31bc0271652f9541ac0"; //32bytes and 64hex
  let wallet = new ethers.Wallet(privateKey);  // wallet address: 0xc95b6B8Ec0Eee5eBF18E3c519DBdafaE17AD568F
  //contract deployed
  // The hash we wish to sign and verify
  let messageHash = ethers.utils.id(1234);
  let messageHashBytes = ethers.utils.arrayify(messageHash)
  // Sign the binary data
  let flatSig = await wallet.signMessage(messageHashBytes); //<<==wallet is used to sign the message
  // For Solidity, we need the expanded-format of a signature
  let sig = ethers.utils.splitSignature(flatSig);
  // Call the verifyHash function
  let recovered = await contract.signedMsg(contract.address, sig.v, sig.r, sig.s, 1234); //signedMsg is contract function returns signer information
  let recoveredWait = await recovered.wait();
  console.log("Address recovered : ", recoveredWait.from == signerAddress);  //<<==true

Here is the code for signerAddress:

  let url = "http://localhost:8545";
  const provider = new ethers.providers.JsonRpcProvider(url);
  const signer = provider.getSigner(); //forJsonRPC
  let signerAddress = await signer.getAddress(); //<<==signer address: 0x7FdACa197B9D149F8BA75a6b7bbba8959b157135

Here the wallet is used to sign the message. But why the signer address returned by contract is not the wallet address? What is the relationship between wallet address and signer address?

Issue Analytics

State:
Created 3 years ago
Comments:8 (2 by maintainers)

Top GitHub Comments

2reactions

ricmoocommented, Nov 23, 2020

Adding to the response by @zemse:

Proving a transaction was by you; I recently had someone accidentally send me funds, and they were hoping I’d send the funds back. The signed a message with their e-mail address and request, which I was able to verify came from the same address that sent the funds. So I was able to know that the person I was communicating with was the transaction sender and able to send the funds back.
If you try to sign into CryptoKitties website, they make you sign a message, from which they can determine which kitties you own.

2reactions

zemsecommented, Nov 23, 2020

You might want signed message signature of a user when:

A wallet cannot directly call a smart contract, someone else has to make tx to contract for the user. In this case msg.sender is the relayer, which the smart contract might be least interested in. So the relayer includes a message that makes enough sense to smart contract and signature on it. You can checkout EIP-191.
Offchain proof of identity that doesn’t involve sending any transactions to Ethereum blockchain at all. Offchain governance platforms like Snapchot by balancer labs is an example how you use it.

There are definitely plenty of use cases. These are some that just came to mind