Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. ItĀ collects links to all the places you might be looking at while hunting down a tough bug.
And, if youāre still stuck at the end, weāre happy to hop on a call to see how we can help out.
ECDSA.sol recover() returns different address than ecrecover()
See original GitHub issueI may be going crazy, but it seems like ECDSA.recover() and ecrecover() return different addresses.
š¢ Code to reproduce bug Hereās what I get from web3.accounts.sign():
{ message: 'This is a signed message',
messageHash:
'0x7aa10675d70f58a5e7427fdc02dfd8207ec1c637163aa974382c683fea3df843',
v: '0x1b',
r:
'0xf0150782e269d731548e9fe92eadd90e6178bcd7d2c948b2583e132020f8b44d',
s:
'0x23c27ecea23c7d9579807b2f574430fb5be4266ab50945c1c509bf04212d1294',
signature:
'0xf0150782e269d731548e9fe92eadd90e6178bcd7d2c948b2583e132020f8b44d23c27ecea23c7d9579807b2f574430fb5be4266ab50945c1c509bf04212d12941b' }
Hereās the solidity code:
function verify(bytes32 hash, bytes memory signature) public view returns (address){
return ECDSA.recover(hash, signature);
}
function testRecovery(bytes32 h, uint8 v, bytes32 r, bytes32 s) public view returns (address) {
bytes32 prefixedHash = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", h));
address addr = ecrecover(prefixedHash, v, r, s);
return addr;
}
š Details
Is this even possible? I thought keccak was collision-resistant!
š» Environment
Latest OpenZeppelin, solidity 0.5.0, local Ethereum (pre-Constantinople, not mainnet, if that matters)
Issue Analytics
- State:
- Created 4 years ago
- Comments:5 (3 by maintainers)
Top Results From Across the Web
solidity - Getting wrong address from ECDSA.recover()
I stumbled upon this question and went through the Ethers.js code as well as the draft-EIP712.sol code, but kept having the same result...
Read more >Utilities - OpenZeppelin Docs
The data signer can be recovered with ECDSA.recover , and its address compared to verify the signature. Most wallets will hash the data...
Read more >Ethereum's ecrecover(), OpenZeppelin's ECDSA, and web3's ...
This article talks about some of the tricks of dealing with Ethereum's ecrecover() function. This is a changeup from the more businessĀ ...
Read more >What is ecrecover in Solidity? - Solidity developer
In some cases ecrecover can return a random address instead of 0 for an invalid signature. This is prevented above by the owner...
Read more >Address 0x41997744c0bf7eee41e3903dc8b3df0f7ba8e847
function owner() public view virtual returns (address) { return _owner; } /** * @dev Throws if called by any account other than the...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Thatās actually not true - ecrecover() expects a hash of the message: https://github.com/ethereum/solidity/blob/develop/docs/units-and-global-variables.rst#mathematical-and-cryptographic-functions But anyways, I discovered what I did wrong. The ECDSA contract has a function toEthSignedMessageHash() for prefixing the message hash with the proper ā\x19Ethereum Signed Message:\n32ā prefix but the function is unused. When I call toEthSignedMessageHash(hash) in recover() it works. (I should also note that web3.eth.accounts.sign adds the prefix, while web3.eth.sign does not, which is totally ridiculous)
@maksimjeet20566 Please create a topic in our forum and share the code that youāre using to generate and verify the signature.