I cant get correct recovered address with ECDSA.recover

PoorMillionaire · May 7, 2023, 1:25pm

I tried everything and I dont know what I am doing wrong.

I have this function in smart contract:

function test(
        bytes memory signature,
        address to
    ) public pure returns (address) {
        // VERIFY THE SIGNATURE
        bytes32 messageHash = keccak256(abi.encodePacked(to));
        address recoveredAddress = ECDSA.recover(messageHash, signature);

        return recoveredAddress;

        //require(recoveredAddress == msg.sender, "Invalid signature");
    }

And I have this HardHat test

const { SContract, mockToken, owner, addr1, addr2 } = await loadFixture(deployFixture);
    
            const amount = BigNumber.from("100");
            const fee = amount.mul(5).div(100);
            const donationAmount = amount.sub(fee);
    
            // sign a message with the donor's address
            const addr2Lower = (addr2.address).toLowerCase();

            const messageHash = ethers.utils.solidityKeccak256(["string"], [addr2Lower]);
            const messageHashBinary = ethers.utils.arrayify(messageHash);
            const signature = await addr1.signMessage(messageHashBinary);

            console.log("Addr2: " + addr2Lower);
            console.log("Signature: " + signature);

            const recovered = await SContract.connect(addr1).test(signature, addr2Lower);
            console.log("Signer: ", (addr1.address).toLowerCase());
            console.log("Recovered: ", recovered);

Result is:
Signer: 0x70997970c51812dc3a010c7d01b50e0d17dc79c8
Recovered: 0x2c78E0b3a60425283f3Ee056d00A08560A445d9d

What I am doing wrong?

barakman · May 7, 2023, 2:52pm

PoorMillionaire:

bytes32 messageHash = keccak256(abi.encodePacked(to));
address recoveredAddress = ECDSA.recover(messageHash, signature);
require(recoveredAddress == msg.sender, "Invalid signature");

You're hashing to and then verifying against msg.sender.

Why?

PoorMillionaire · May 7, 2023, 3:16pm

require(recoveredAddress == msg.sender, "Invalid signature"); was commented with //, so this doesnt matter.

Anyway, I changed my code to this:

function test(
        bytes memory signature,
        address from,
        address to
    ) public view returns (bool) {
        // VERIFY THE SIGNATURE
        bytes32 messageHash = keccak256(abi.encodePacked(from, to));
        bytes32 message = ECDSA.toEthSignedMessageHash(messageHash);
        address recoveredAddress = ECDSA.recover(message, signature);

        require(recoveredAddress == msg.sender, "Invalid signature");

        return true;
    }

I added this part: bytes32 message = ECDSA.toEthSignedMessageHash(messageHash);

In my test code:

const messageHash = ethers.utils.solidityKeccak256(["address","address"], [addr1.address,addr2.address])
const messageHashBinary = ethers.utils.arrayify(messageHash)
const signature = await addr1.signMessage(messageHashBinary);

Now its working I guess. Is this safe?

frangio · May 9, 2023, 9:45pm

Yes you should be using toEthSignedMessageHash if you're using the signMessage method.

Topic		Replies	Views
ECDSA returning incorrect signer address Smart Contracts solidity , web3js	2	1279	November 2, 2023
ECDSA.recover different from ethers.utils.verifyMessage Smart Contracts etherscan-verify	2	2460	October 14, 2022
ECDSA Generating incorrect address Smart Contracts etherscan-verify	1	494	February 15, 2022
Help with ecrecover() and/or signing/verify Smart Contracts etherscan-verify	6	2095	July 19, 2022
Signature Verification ECDSA Contracts erc721 , proxies , solidity , etherscan-verify	0	555	April 14, 2022

I cant get correct recovered address with ECDSA.recover

Related topics