This repository has been archived by the owner on Apr 4, 2024. It is now read-only.
Add Multi-Signing Support for EIP-712 Cosmos Signatures #1370
Assignees
Labels
Type: ADR
Architecture Decision Records
Comments
|
This issue is stale because it has been open 45 days with no activity. Remove |
|
@austinchandra can you leave a comment and close this issue if applicable? |
|
This has been implemented on Ethermint to be included in v0.20.0. PR: #1397 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Introduction
Ethermint's EIP-712 signature verification module does not allow for multi-signature verification in any capacity. The verification code artificially enforces a signer limit of exactly one, and by accepting EIP-712 signatures only in a specific extension (
ExtensionOptionsWeb3Tx), the current implementation does not allow EIP-712 signatures to mix with software keys in a multi-signed payload.This is important for Ledger users, since in order to participate in multi-signed transactions, they must move their private key out of their Ledger, which disturbs security and the user experience.
Proposal
We can accept EIP-712 signatures from the
ethsecp256k1.PubKeyclass in order to support multi-signing for EIP-712-signed signatures, and include EIP-712 signatures in the transaction as though they were standard signatures, instead of using anExtensionOptionsWeb3Txextension.Since the signature verification code in Ethermint for both single- and multi-signer payloads defers to each
PubKey'sVerifySignature(...)method, accepting EIP-712 signatures from that class will satisfy verification in all instances. EIP-712 signatures can thus be treated identically to standard signatures.Current behavior
EIP-712 signatures are handled in an
ExtensionOptionsWeb3Txextension, which are limited to one signature and isolated from software key/non-EIP-712 signatures.Desired behavior
EIP-712 signatures should be accepted if found within the transaction body, or in multi-key signatures. In other words, they should be treated identically to standard Ethermint signatures.
Implementation
Change
crypto/ethsecp256k1/ethsecp256k1.goas follows:verifySignatureAsEIP712(msg, sig []byte) boolwhich uses this code to convert the message to an EIP-712 object, and performs signature verification on the object hash and signatureVerifySignature(msg, sig []byte) boolto return the following:return crypto.VerifySignature(pubKey.Key, crypto.Keccak256Hash(msg).Bytes(), sig) || verifySignatureAsEIP712(msg, sig)Alternative Solution
Import and modify the Cosmos signature
anteHandlerandverifySignature(...)methods, and create a new multi-key object to attempt signature verification for both signing methods in each case (change all relevant code from the top-down).EIP712EnabledMultiKeymultikey object that copies most of the infrastructure fromLegacyAminoPubKeyVerifyEIP712EnabledMultisignaturethat takes the following as inputand performs both standard signature verification and EIP-712 verification, and approves if either is approved. If a dependent public key is a multikey of type
EIP712EnabledMultiKey, callVerifyEIP712EnabledMultisignatureon that key.authsigning.VerifySignature(...)method and:VerifyMultisignaturewithVerifyEIP712EnabledMultisignatureante.NewSigVerificationDecoratorinfrastructure and replace instances ofauthsigning.VerifySignature(...)with the local “forked” versionThis would introduce hundreds of lines of new code to maintain, most of which is very critical. Recommend against this solution for that reason.
Release
On release, we will rename the current EIP-712 signature verification methods to indicate a legacy status, and phase it out in a number of months.
As we do so, we must refactor
evmosjsand other EIP-712 signing libraries to move the signature to the transaction body from the extension, to participate with the new standard.The text was updated successfully, but these errors were encountered: