by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jul 03 04:25
    dfinzer commented #1629
  • Jul 03 01:23
    pipermerriam commented #1634
  • Jul 03 01:04
    pipermerriam commented #1678
  • Jul 01 22:59
    njgheorghita review_requested #1652
  • Jul 01 22:59
    njgheorghita review_requested #1652
  • Jul 01 22:59
    njgheorghita commented #1652
  • Jul 01 22:57
    njgheorghita edited #1652
  • Jul 01 22:54
    njgheorghita edited #1652
  • Jul 01 22:54
    njgheorghita ready_for_review #1652
  • Jul 01 22:54
    njgheorghita edited #1652
  • Jul 01 22:40
    njgheorghita synchronize #1652
  • Jul 01 22:36
    njgheorghita synchronize #1652
  • Jul 01 22:34
    njgheorghita synchronize #1652
  • Jul 01 22:29
    njgheorghita synchronize #1652
  • Jul 01 22:27
    njgheorghita synchronize #1652
  • Jul 01 22:21
    njgheorghita synchronize #1652
  • Jul 01 22:19
    njgheorghita commented #1652
  • Jul 01 21:38
    njgheorghita synchronize #1652
  • Jul 01 21:38
    njgheorghita synchronize #1652
  • Jul 01 21:36
    njgheorghita synchronize #1652
Mikko Ohtamaa
@miohtama
still much beta
Abhishek Kumar
@kuabhish

behaviour of web3py and solidity.

Samples:

## First in web3py

sig = Web3.soliditySha3(somthing .. ) ## used below also
output: HexBytes('0x3efb3cf4e41109f6f1f998401d02dbe894719a8806f45e79a5fab7d4799f00bb')
from eth_account.messages import encode_defunct
msg = sig.hex()
message = encode_defunct(text=msg)
signed_message = w3.eth.account.sign_message(message, private_key=private_key)
signed_message

SignedMessage(messageHash=HexBytes('0x4c0c7077f770069785167e8b7451d63fad1e858ef5251b239eb0781c314000d2'), r=5665764915496639843348851536709769469640799172147461427941649091688603148258, s=48121517563314450138554207713326165180739298862566159641495137088718857193470, v=27, signature=HexBytes('0x0c86b594baa5bb06a0f4054ffdf3896377cfb757d42dcaeacf0241d96a4d5fe26a63d0514338ec600c89ee808dc088e7b3aadc55b9f5d86685d3ff212e2e47fe1b'))

Then I tried

w3.eth.account.recoverHash(signed_message.messagehash,signature=signed_message.signature)#gives correct contract address as output

But when I use:

w3.eth.account.recoverHash(sig,signature=signed_message.signature) ## gives incorrect address

But it gives the same address which solidity is giving...

then I checked what is the output of keccak256(abi.encodePacked(..)).
I found It is same as sig value

and then the ecrecover output of solidity gives the same address given by the above function..

Please help..

Voith Mascarenhas
@voith
@miohtama @brschkv I compiled the solidity contract. Here’s the output of the ABI:
https://gist.github.com/voith/4cc9e10b329e0a4a890d73a7918e8657
Notice that there is just one admin function.
Clearly the abi provided in their documentation is incorrect
Here’s the output of admin function using web3.py:
In [19]: contract.functions.admin().call()
Out[19]: ‘0x18646F4a178404b1c986390Ac808236D37229A11’
@brschkv Please use the ABI provided in my gist and run your code again
Eth-Gitter-Bridge
@Eth-Gitter-Bridge
<carver> Yeah, I agree with @voith here: their ABI is broken, and they didn't notice because web3.js wasn't validating that particular type of input failure
brschkv
@brschkv

@brschkv Please use the ABI provided in my gist and run your code again

Works. Thanks for effort!

<carver> Yeah, I agree with @voith here: their ABI is broken, and they didn't notice because web3.js wasn't validating that particular type of input failure

Wow... So how does one communicate this to Compound?

Mikko Ohtamaa
@miohtama
Let me see if I can reach out to someone
Abhishek Kumar
@kuabhish
Hi guys, I am not able to verify a signed message with ecrecover in solidity
sig = Web3.soliditySha3([address, uint8], [recipientaddress, token] )
msg = sig.hex()
message = encode_defunct(text=msg)
signed_message = w3.eth.account.sign_message(message, private_key=private_key)
signed_message
msg = sig.hex()
message = encode_defunct(text=msg)
signed_message = w3.eth.account.sign_message(message, private_key=private_key)
signed_message
in the contract I want the user to pass arguments like .. numf tokens..and th n i will create a hash with solidity keccak256(abi.encodePacked()))
but the address recovered is coming wrong
Please help
Voith Mascarenhas
@voith
@kuabhish Your issue seems to be to more of a solidity issue and not a web3.py issue.
Try using the remix IDE to debug your smart contract.
Abhishek Kumar
@kuabhish
@voith I did some debugging ..and found that sig = Web3.soliditySha3([address, uint8], [recipientaddress, token] ) and keccak256(abi.encodePacked())) gives the same hash
but sig = Web3.soliditySha3([address, uint8], [recipientaddress, token] ) is not a signed message right? So I send the signed_message.singature as sign and along with arguments which I used in sig = Web3.soliditySha3([address, uint8], [recipientaddress, token] ).. but it doesn't work
Eth-Gitter-Bridge
@Eth-Gitter-Bridge
<carver> I recommend getting really familiar with all the examples on this page: https://web3py.readthedocs.io/en/stable/web3.eth.account.html -- they should help clear up the confusion here. There are examples for preparing a signature to be verified by a solidity contract, also.
Abhishek Kumar
@kuabhish
@Eth-Gitter-Bridge I have used this documentation to familiarize myself.
But I want to :
Lets say :
function withdraw(address recipientaddress, uint25 tokens ){
message = keccak256(abi.encodePacked(token,recipientaddress));
        (uint8 v, bytes32 r, bytes32 s) = splitSignature(sig);
        address signer = ecrecover(message, v, r, s);
    if signer == owner:## owner -- my address
        payment();
}
Abhishek Kumar
@kuabhish
Then when I send my signature obtained by
sig = Web3.soliditySha3( [uint256, address], [tokens, contractaddress] )
from eth_account.messages import encode_defunct
msg = sig.hex()
message = encode_defunct(text=msg)
signed_message = w3.eth.account.sign_message(message, private_key=private_key)
signed_message
SignedMessage(messageHash=HexBytes('0x4c0c7077f770069785167e8b7451d63fad1e858ef5251b239eb0781c314000d2'), r=5665764915496639843348851536709769469640799172147461427941649091688603148258, s=48121517563314450138554207713326165180739298862566159641495137088718857193470, v=27, signature=HexBytes('0x0c86b594baa5bb06a0f4054ffdf3896377cfb757d42dcaeacf0241d96a4d5fe26a63d0514338ec600c89ee808dc088e7b3aadc55b9f5d86685d3ff212e2e47fe1b'))
It is giving wrong address
What am I doing wrong ?
Jason Carver
@carver
You're trying to manually build a message in solidity, but you're building it a different way than eth_sign does, so the hash doesn't match.
Forget about the signature for now, and just try to get the message hash to match. Specifically try to get message from withdraw() to match messageHash from signed_message. To do that, first understand eth_sign as I mentioned here: https://stackoverflow.com/a/62141323/8412986
Abhishek Kumar
@kuabhish
Yes @carver that is exactly what is happening: the messagehash created in solidity matches sig value mentioned above but it doesn’t match the messagehash from the signed message.
Jason Carver
@carver
Right, so you need to build message in solidity with the extra content of the prefix I mentioned in the link above
Abhishek Kumar
@kuabhish

@carver As you said I used the prefix

    function prefixed(bytes32 hash) internal pure returns (bytes32) {
        return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", hash));
    }

and

bytes32 message = prefixed(keccak256(abi.encodePacked(recipient , amount)));
        emit Message(message);

Still the message is different.

Eth-Gitter-Bridge
@Eth-Gitter-Bridge
<carver> Looks like maybe an un-needed extra hash in there before prefixing? I can't dig in deeper to help you debug right now. But you have the right test now. You'll know when you've got it working, because the message hashes will match.
Abhishek Kumar
@kuabhish

@carver @Eth-Gitter-Bridge

        bytes memory something = abi.encodePacked(recipient , amount);
        bytes32 message = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n",something.length ,something));
        emit Message(message);

I don't know if this is right way to pack the arguments or not. But the output doesn't match

Abhishek Kumar
@kuabhish
The value generated by the keccak256(abi.encodePacked(recipient , amount)) and Web3.soliditySha3( [ 'address' , 'uint256' ] , [ Web3.toChecksumAddress("0x516510e3B61F3D425Fe5F52D7492E8950C8647D7") , 500 ]) are same ..
Abhishek Kumar
@kuabhish

@carver

msg = Web3.soliditySha3( [ 'address' , 'uint256' ] , 
                   [ Web3.toChecksumAddress("0x516510e3B61F3D425Fe5F52D7492E8950C8647D7") , 500])

message = encode_defunct(text=msg.hex())
message_hash = Web3.keccak(
    b"\x19Ethereum Signed Message:\n" +
    bytes(f"{len(message.body)}", encoding='utf-8') + message.body
)
message_hash
HexBytes('0xbf8efb471491d386f2121dda534d499aa84043532aad52af5ee0deb6e74a7c86')

I found this message_hash == signature.messagehash..

So, I tried using the same params in the solidity like :

keccak256(abi.encodePacked( "\x19Ethereum Signed Message:\n" , "66" , hash ))

But then I checked the values :

b"\x19Ethereum Signed Message:\n" +bytes(f"{len(message.body)}", encoding='utf-8') + message.body == b'\x19Ethereum Signed Message:\n660xbccf9f6664ef1f771e15d448d5cccf44e50b6c71a510dc2cb13935e316685e22'

but

abi.encodePacked( "\x19Ethereum Signed Message:\n" , "66" , hash ) == 0x19457468657265756d205369676e6564204d6573736167653a0a3636bccf9f6664ef1f771e15d448d5cccf44e50b6c71a510dc2cb13935e316685e22
So, is this abi.encodepacked causing problem?? If yes how can this be solved...
Or are these byte values equal.. ?
Jason Carver
@carver

Okay, so now we're starting to run into the reason that this warning is in the docs:

Consider the w3.eth.sign() approach be deprecated.

Different implementations actually implement this in different ways
How the length is implemented is a little sketchy
So this is why I was recommending using the "intended validator" approach
Abhishek Kumar
@kuabhish

Hey @carver
As you had suggessted I tried

from eth_account.messages import encode_defunct, encode_intended_validator
msg = Web3.soliditySha3( [ 'address' , 'uint256' ] , 
                   [ Web3.toChecksumAddress("0x516510e3B61F3D425Fe5F52D7492E8950C8647D7") , 500])
message = encode_intended_validator(Web3.toChecksumAddress("0x09c1814a3c53c025f354a9d7b88e28a084d0f162"),
                                    hexstr=msg.hex())
print("message" , message)
signed_message = w3.eth.account.sign_message(message, private_key=private_key)

But this time the signed_message.messagehash and what i got from solidity are diffrent :(

Voith Mascarenhas
@voith
@kuabhish If I had to figure this out then I would read the source code of eth-accounts:
https://github.com/ethereum/eth-account
Abhishek Kumar
@kuabhish
ohh great .. thanks ..
Abhishek Kumar
@kuabhish
@voith checked the code a little ,, but couldn't figure out where the difference is..
Voith Mascarenhas
@voith
did you go through the tests?
Abhishek Kumar
@kuabhish

@carver I also used this https://eips.ethereum.org/EIPS/eip-191

and so made a little code change :

keccak256(abi.encodePacked(byte(0x19),byte(0),address(this),destination, value, data, nonce));

Still didn't match

did you go through the tests?

I forgot .. i ll check tyhe tests now ..

Abhishek Kumar
@kuabhish
@voith the tests gave a good insight hoe it works ,, thanks man
Ben Hauser
@iamdefinitelyahuman
hey web3py team.. right now you're raising a ValidationError when a POA network returns >32 bytes of extraData and the geth_poa_middleware isn't active. I want to handle this automatically in Brownie.. when connecting to a new network, query an endpoint and if this error is raised, add the middleware. I can do so by examining at the string of the ValidationError but that feels brittle. Wondering if you'd be open to instead raising a new exception, POAValidationError or ExtraDataError? This exception can subclass ValidationError so the change won't break anything, and this way there is a much stronger approach for catching the specific error.
Eth-Gitter-Bridge
@Eth-Gitter-Bridge
<carver> Yup, something like an ExtraDataLengthError that subclasses ValidationError seems reasonable 👍
Ben Hauser
@iamdefinitelyahuman
@carver thanks! i'll make a PR shortly
Abhishek Kumar
@kuabhish

Hi, guys

var hash = "0x" + abi.soliditySHA3(
        ["address", "uint256"],
        ["0x516510e3B61F3D425Fe5F52D7492E8950C8647D7", 500]
    ).toString("hex");
var signature = web3.eth.accounts.sign( hash , privateKey );

I was able to solve my issue by using nodejs .. using this code the signature.messagehash == solidity message hash.. But I wanted to write the Api in python only.. Why can't i solve it with python??

Marc Garreau
@marcgarreau
glad you have some form of solution @kuabhish. we’re all juggling a few things at once; if you can write up an issue with your best understanding of the problem, we would appreciate it. that makes the history of context easier to track without scrolling through Gitter.