Security News
Fluent Assertions Faces Backlash After Abandoning Open Source Licensing
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
eth-sig-util
Advanced tools
The eth-sig-util npm package provides utilities for signing and verifying Ethereum signatures. It is commonly used in Ethereum-based applications to handle cryptographic operations related to user authentication, transaction signing, and message verification.
Sign Typed Data
This feature allows you to sign typed data according to the EIP-712 standard. The code sample demonstrates how to sign a typed data object using a private key.
const sigUtil = require('eth-sig-util');
const privateKey = Buffer.from('your_private_key', 'hex');
const data = { types: { EIP712Domain: [ { name: 'name', type: 'string' }, { name: 'version', type: 'string' }, { name: 'chainId', type: 'uint256' }, { name: 'verifyingContract', type: 'address' } ], Person: [ { name: 'name', type: 'string' }, { name: 'wallet', type: 'address' } ] }, primaryType: 'Person', domain: { name: 'MyApp', version: '1', chainId: 1, verifyingContract: '0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC' }, message: { name: 'Alice', wallet: '0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC' } };
const signature = sigUtil.signTypedData_v4(privateKey, { data });
console.log(signature);
Recover Typed Data Signer
This feature allows you to recover the address of the signer from a signed typed data object. The code sample demonstrates how to recover the signer's address using the signature and the original data.
const sigUtil = require('eth-sig-util');
const signature = 'your_signature';
const data = { types: { EIP712Domain: [ { name: 'name', type: 'string' }, { name: 'version', type: 'string' }, { name: 'chainId', type: 'uint256' }, { name: 'verifyingContract', type: 'address' } ], Person: [ { name: 'name', type: 'string' }, { name: 'wallet', type: 'address' } ] }, primaryType: 'Person', domain: { name: 'MyApp', version: '1', chainId: 1, verifyingContract: '0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC' }, message: { name: 'Alice', wallet: '0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC' } };
const recoveredAddress = sigUtil.recoverTypedSignature_v4({ data, sig: signature });
console.log(recoveredAddress);
Personal Sign
This feature allows you to sign a personal message. The code sample demonstrates how to sign a simple message using a private key.
const sigUtil = require('eth-sig-util');
const privateKey = Buffer.from('your_private_key', 'hex');
const message = 'Hello, world!';
const signature = sigUtil.personalSign(privateKey, { data: message });
console.log(signature);
Recover Personal Signer
This feature allows you to recover the address of the signer from a signed personal message. The code sample demonstrates how to recover the signer's address using the signature and the original message.
const sigUtil = require('eth-sig-util');
const signature = 'your_signature';
const message = 'Hello, world!';
const recoveredAddress = sigUtil.recoverPersonalSignature({ data: message, sig: signature });
console.log(recoveredAddress);
The ethers.js library is a complete and compact library for interacting with the Ethereum blockchain. It provides utilities for signing and verifying messages, managing wallets, and interacting with smart contracts. Compared to eth-sig-util, ethers.js offers a broader range of functionalities beyond just signature utilities.
The web3.js library is a collection of modules that contain functionalities for the Ethereum ecosystem. It includes modules for interacting with smart contracts, signing transactions, and verifying signatures. While web3.js provides similar signature utilities as eth-sig-util, it is more comprehensive and includes many other features for interacting with the Ethereum blockchain.
The ethereumjs-util library provides a variety of utility functions for Ethereum, including cryptographic functions for signing and verifying messages. It is similar to eth-sig-util in terms of cryptographic functionalities but also includes other utilities for handling Ethereum-specific data structures.
A small collection of ethereum signing functions.
You can find usage examples here
Currently there is only one supported signing protocol. More will be added as standardized.
personal_sign
) geth threadnpm install eth-sig-util --save
All three arguments should be provided as buffers.
Returns a continuous, hex-prefixed hex value for the signature, suitable for inclusion in a JSON transaction's data field.
Takes an address of either upper or lower case, with or without a hex prefix, and returns an all-lowercase, hex-prefixed address, suitable for submitting to an ethereum provider.
msgParams should have a data
key that is hex-encoded data to sign.
Returns the prefixed signature expected for calls to eth.personalSign
.
msgParams should have a data
key that is hex-encoded data unsigned, and a sig
key that is hex-encoded and already signed.
Returns a hex-encoded sender address.
Signs typed data as per an early draft of EIP 712.
Data should be under data
key of msgParams
. The method returns prefixed signature.
Signs typed data as per the published version of EIP 712.
Data should be under data
key of msgParams
. The method returns prefixed signature.
Signs typed data as per an extension of the published version of EIP 712.
This extension adds support for arrays and recursive data types.
Data should be under data
key of msgParams
. The method returns prefixed signature.
Return address of a signer that did signTypedData
.
Expects the same data that were used for signing. sig
is a prefixed signature.
Return hex-encoded hash of typed data params according to EIP712 schema.
msgParams should have a data
key that is hex-encoded data unsigned, and a sig
key that is hex-encoded and already signed.
Returns a hex-encoded public key.
FAQs
A few useful functions for signing ethereum data
The npm package eth-sig-util receives a total of 129,347 weekly downloads. As such, eth-sig-util popularity was classified as popular.
We found that eth-sig-util demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.