Recommended
Recommended
More Related Content
Similar to TBD - Sept 13, 2018 - Signed messages in ethereum - destry saul
Similar to TBD - Sept 13, 2018 - Signed messages in ethereum - destry saul (20)
More from Destry Saul
Recently uploaded
Recently uploaded (20)
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saul
- 1. Tucson Blockchain Developers Meetup The Rules: 1. No Prices. 2. No Politics 3. Don’t be an asshole Signed Messages in Ethereum Destry Saul TBD - Sept 13, 2018 Look Up Here For The Point Sponsors: ● Unchained Capital ● Borderland Brewery
- 3. Tucson Blockchain Developers Meetup Private Key = A huge number (1-232 ) Public Key = A different huge number derived from the Private Key Public Key = function(Private Key) A message = Any data Signature = 3 numbers, all derived from the message and the private key Signature = function(message, private key) Quick Recap of Asymmetric Cryptography (it’s just math)
- 4. Tucson Blockchain Developers Meetup Keys and Signatures Diagrams Signing Function Message Signature Public Key Private Key Public Key Function Private Key Message Signing Public Key Derivation
- 5. Tucson Blockchain Developers Meetup If you have the signature and the message that was signed, you can compute the public key. Signature + Message => Public Key Recover Function Message Signature Public Key
- 6. Tucson Blockchain Developers Meetup 1. The private key cannot be derived from the public key 2. Given a signature and a message, you can compute the public key that corresponds to the private key that generated the signature. This is the authentication method for blockchains: Assets are controlled by addresses (public keys), signatures from private keys authorize transactions. The Promises of Asymmetric Cryptography
- 7. Tucson Blockchain Developers Meetup When you send a transaction to Ethereum, you’re submitting a block of data along with a signature. The signature must be generated by the private key of the account you are sending the transaction from. If it’s not, the transaction is invalid. Valid Transactions are messages with attached signatures Signing Function Unsigned Transaction Signature Private Key Transaction Signing Ethereum Network
- 8. Tucson Blockchain Developers Meetup Tx.origin is the recovered address from the transaction, but most contracts use msg.sender: Msg.sender equal to tx.origin for the first call, but if a contract makes an external call, msg.sender is set equal to that contract’s address. Tx.origin is still available. Solidity Docs: https://solidity.readthedocs.io/en/v0.4.24/units-and-global-variables.html tx.origin is the recovered address from the transaction sig
- 9. Tucson Blockchain Developers Meetup The transaction signature is great, it’s a signature of all the data: eth value, destination address, and data (which includes function calls and arguments). But smart contracts are flexible! What is I want to verify a signature of something else, by a different private key? Not going to discuss WHY I would want to do that this time (come to the next meetup!) But what if we want to process a signature inside a contract?
- 10. Tucson Blockchain Developers Meetup ecrecover() is a solidity function, but not a simple one Great! So with v, r, and s, and a 32 hash, we can recover an address. huh? That link goes to this stackoverflow page: https://ethereum.stackexchange.com/questions/1777/workflow-on-signing-a-string-with-private-key-follo wed-by-signature-verificatio
- 11. Tucson Blockchain Developers Meetup https://github.com/destrys/ecrecover-demo Check back later for a better README I made a demo
- 14. Tucson Blockchain Developers Meetup ecrecover() is actually a precompiled contract stored in memory Advanced.