The definition of eth_sign differs across client implementations, which creates many problems. In addition, there is currently no way to verify a signed message using JSON RPC. This ECIP defines two new RPC calls
recover in a different namespace.
The author of this ECIP recommends defining the two new RPC calls in a different namespace rather than eth, which may cause confusion with the existing eth_sign RPC call and might further pollute the already huge namespace. We can use the etc namespace, or
This sign method calculates an Ethereum-specific signature of the following Recursive Length Prefix (RLP) structure (call it Message RLP):
- A 16-byte bytearray of magic code: 0x457468657265756d207369676e6d7367 (ASCII string of “Ethereum signmsg”).
- The binary bytearray of the message (
Similar to eth_sign, adding the prefix prevents misuse where a malicious DApp can sign arbitrary data (e.g. a transaction) and use the signature to impersonate the victim.
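The Message RLP described above, as an added example in Python (not code from this ECIP or from any client): it builds the structure and parses it back strictly, rejecting input that lacks the magic code, carries trailing bytes, or holds extra items. It assumes the two fields are the items of a single RLP list; the function names are hypothetical, and the Keccak256 hashing and secp256k1 signing steps are left to a library.

```python
MAGIC = bytes.fromhex("457468657265756d207369676e6d7367")  # b"Ethereum signmsg"

def length_prefix(n: int, offset: int) -> bytes:  # short form < 56 bytes, else long
    if n < 56:
        return bytes([offset + n])
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([offset + 55 + len(size)]) + size

def rlp_bytes(item: bytes) -> bytes:
    if len(item) == 1 and item[0] < 0x80:  # a single low byte is its own encoding
        return item
    return length_prefix(len(item), 0x80) + item

def encode_message_rlp(message: bytes) -> bytes:
    # Assumption: the magic code and the message are the two items of one RLP list.
    payload = rlp_bytes(MAGIC) + rlp_bytes(message)
    return length_prefix(len(payload), 0xC0) + payload

def read_item(buf: bytes, pos: int, offset: int):
    """Parse a string (offset 0x80) or list (0xC0) header; return payload (start, end)."""
    if pos >= len(buf):
        raise ValueError("truncated input")
    b = buf[pos]
    if offset == 0x80 and b < 0x80:
        return pos, pos + 1
    if not offset <= b < offset + 0x40:
        raise ValueError("unexpected RLP type")
    n, start = b - offset, pos + 1
    if n > 55:  # long form: the next n - 55 bytes hold the payload length
        raw = buf[start:start + n - 55]
        if len(raw) != n - 55 or raw[0] == 0 or int.from_bytes(raw, "big") < 56:
            raise ValueError("malformed or non-canonical length")
        n, start = int.from_bytes(raw, "big"), start + len(raw)
    if start + n > len(buf):
        raise ValueError("truncated input")
    return start, start + n

def decode_message_rlp(blob: bytes) -> bytes:
    """Return the message only if blob is exactly the list [MAGIC, message]."""
    start, end = read_item(blob, 0, 0xC0)
    if end != len(blob):
        raise ValueError("trailing bytes after Message RLP")
    m0, m1 = read_item(blob, start, 0x80)
    if blob[m0:m1] != MAGIC:
        raise ValueError("magic code missing: not a signmsg payload")
    s0, s1 = read_item(blob, m1, 0x80)
    if s1 != end:
        raise ValueError("Message RLP must hold exactly two items")
    return blob[s0:s1]
```

A verifier that parses the embedded Message RLP this way before hashing it refuses any payload that is not in the prefixed form.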
account: 20 bytes address.
message: N bytes message.
detached: (Optional) If true, detach the message from the signing result. By default, this is false.
The signing process takes the Keccak256 hash of the above Message RLP structure as the actual message to be signed by secp256k1. It uses the specified account's private key to sign a private message. The returned data is also an RLP structure (encoded as a hex string):
- A 65-byte bytearray of the signature. The first byte is the recovery id, followed by 64 bytes of the signature data.
- The Keccak256 message hash used in the secp256k1 signing process.
- (Only included if detached is false) Message RLP defined above.
Recover a signature signed by
signature: returned data by
If the signature is invalid, return false. Otherwise, return the following JSON struct.
address: Address used to sign this message.
message: If the signature is not detached, returns the actual message (excluding the prefix “Ethereum signmsg”) of the signature.