Content
@
0 reply
0 recast
0 reaction
lightclient
@lightclient
"One bad signature will be able to drain your account on Ethereum after EIP-3074." Yes; this is true. 3074 coauthor here! Let me put this concern to rest a bit before it gets more out of hand.
19 replies
23 recasts
99 reactions
lightclient
@lightclient
To start: I'm not aware of any wallets that support signing unprefixed data today. This means that currently, no wallets support 3074. Doesn't matter how many control panels you navigate through or advanced features you turn on. It isn't possible to sign a 3074 message today.
2 replies
0 recast
8 reactions
lightclient
@lightclient
The messages you sign to "login" to dapps use a completely different standard based on EIP-191. This prepends the following data to the message you sign: """ 0x19 <0x45 (E)> <thereum Signed Message:\n" + len(message)> <data to sign> """
1 reply
0 recast
7 reactions
lightclient
@lightclient
That's what makes it impossible to trick someone logging into a dapp to actually sign a valid Ethereum transaction. Transactions are prefixed with single byte values: 0x01 - 2930 tx 0x02 - 1559 tx 0x03 - 4844 tx more info here: https://github.com/ethereum/execution-specs/tree/master/lists/signature-types
1 reply
0 recast
7 reactions
lightclient
@lightclient
3074 plans to use the prefix 0x04. This will disambiguate it from all other types of signable data in Ethereum. Wallets will have to actively opt-in to allowing users to sign these messages.
1 reply
1 recast
7 reactions