-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
utils.serializeTransaction ignores “chain ID” part of “v” #708
Comments
I think this makes sense for the most part, I’ll think about it more and look into it tomorrow for v5. It is true that of chainId and v disagree, there should be an error. For the signature, there should be no need to compute the v manually though, since you can just ensure recoveryParam is correct and it will determine the v for you. Or it should at least. I’ll build out a larger suite of tests tomorrow to follow the various allowed combinations. I added a bunch of tests recently to v5 to make sure the splitSignature could recreate a full signature from valid fragments (e.g. defining vs should be able to reconstruct v, s and recoveryParam). But it looks like the chainId is in fact ignored when serializing. |
The logic I'm thinking right now:
Does that seem ifair? |
Absence of
This sounds fine. |
Hmmm... I don't really like I think it is ok that if chainId is unspecified and the siguature uses a canonical If a chainId of 0 is provided, then non-EIP-155 is forced and a Basically, I never want to "guess" what is intended, but I do want to make sure a person can be as expressive as desired and to have sane defaults. Did you check out the changes? :) |
When I wrote |
I think the new incarnation of serializeTransaction addresses the concerns, so I'm going to close this, but if you disagree, please feel free to re-open. Thanks! :) |
When
utils.serializeTransaction(tx, sig)
is used to serialize signed transaction, the function could distortsig.v
value passed: strip “chain ID” part from passedsig.v
value and replace it with value derived from passed “tx.chainIdparameter. This is counter-intuitive and error prone. Moreover, this logic is applied even if
txdoes not have
chainId` field at all (the function serialized pre EIP-155 transaction in such case).In my opinion, once
sig.v
value is explicitly provided by the user, this value should go into serialized transaction as is. If this value does not match withtx.chainId
value, explicitly provided, then exception should be thrown. There should be some way to clearly distinguish situations when chain ID is not provided by the user from other situations, when user explicitly provided that he wants to serialized pre EIP-155 transaction with no chain ID.With current implementation, if one has all nine parts of a signed transaction and wants to serialize this transaction, he has to manually calculate chain ID from
v
and pass ten parameters toutils.serializeTransaction(tx, sig)
, otherwise hisv
value will most probably be distorted (replaced with 27 or 28, effectively stripping chain ID information).The text was updated successfully, but these errors were encountered: