port message sign to master-n3 #924
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
18 tasks
Merged
Member
Author
|
Need #926 for UT |
ajara87
force-pushed
the
message-sign
branch
from
cd5f7be to
87b6864
Compare
Member
Author
cschuchardt88
previously approved these changes
Dec 3, 2025
Member
|
@cschuchardt88 It's a draft |
Member
|
Message to sign ->
|
superboyiii
reviewed
Dec 9, 2025
Member
|
We need add verify message as well. /// <summary>
/// Process "verify message" command
/// </summary>
/// <param name="message">Original message that was signed</param>
/// <param name="signature">Signature in hex format</param>
/// <param name="publicKey">Public key in hex format</param>
/// <param name="salt">Salt in hex format</param>
[ConsoleCommand("verify message", Category = "Wallet Commands")]
private void OnVerifyMessageCommand(string message, string signature, string publicKey, string salt)
{
try
{
if (message.Length >= 2)
{
if ((message[0] == '"' && message[^1] == '"') || (message[0] == '\'' && message[^1] == '\''))
{
message = message[1..^1];
}
}
// Parse public key
if (!ECPoint.TryParse(publicKey, ECCurve.Secp256r1, out var pubKey))
{
ConsoleHelper.Error("Invalid public key format");
return;
}
// Parse signature
byte[] signatureBytes;
try
{
signatureBytes = signature.HexToBytes();
}
catch
{
ConsoleHelper.Error("Invalid signature format (must be hex string)");
return;
}
// Validate salt format (should be hex string, typically 32 characters for 16 bytes)
if (string.IsNullOrEmpty(salt))
{
ConsoleHelper.Error("Salt cannot be empty");
return;
}
// Reconstruct payload: 010001f0 + VarBytes(Salt + Message) + 0000
// Note: salt is used as hex string (lowercase), same as in signing
var saltHex = salt.ToLowerInvariant();
var paramBytes = Encoding.UTF8.GetBytes(saltHex + message);
byte[] payload;
using (var ms = new MemoryStream())
using (var w = new BinaryWriter(ms, Encoding.UTF8, true))
{
w.Write((byte)0x01);
w.Write((byte)0x00);
w.Write((byte)0x01);
w.Write((byte)0xF0);
w.WriteVarBytes(paramBytes);
w.Write((ushort)0);
w.Flush();
payload = ms.ToArray();
}
// Calculate signData: SHA256(network || Hash256(payload))
var hash = new UInt256(Crypto.Hash256(payload));
var signData = hash.GetSignData(NeoSystem.Settings.Network);
bool isValid = Crypto.VerifySignature(signData, signatureBytes, pubKey);
var contract = Contract.CreateSignatureContract(pubKey);
var address = contract.ScriptHash.ToAddress(NeoSystem.Settings.AddressVersion);
Console.WriteLine();
ConsoleHelper.Info("Verification Result:");
Console.WriteLine();
ConsoleHelper.Info(" Address: ", address);
ConsoleHelper.Info(" PublicKey: ", pubKey.EncodePoint(true).ToHexString());
ConsoleHelper.Info(" Signature: ", signature);
ConsoleHelper.Info(" Salt: ", saltHex);
ConsoleHelper.Info(" Status: ", isValid ? "Valid" : "Invalid");
Console.WriteLine();
if (!isValid)
{
ConsoleHelper.Info("Debug Information:");
Console.WriteLine();
ConsoleHelper.Info(" Message used: ", $"\"{message}\"");
ConsoleHelper.Info(" Message bytes: ", Encoding.UTF8.GetBytes(message).ToHexString());
ConsoleHelper.Info(" Salt+Message: ", $"{saltHex}{message}");
ConsoleHelper.Info(" Reconstructed Payload: ", payload.ToHexString());
ConsoleHelper.Info(" Payload Hash256: ", hash.ToString());
Console.WriteLine();
ConsoleHelper.Warning("Note: The message must match exactly what was signed.");
ConsoleHelper.Warning("If you used 'sign message \"Hello world!\"', the actual message signed is 'Hello world!' (without quotes).");
ConsoleHelper.Warning("If the signed message contains quote characters, you need to include them in the verify command.");
Console.WriteLine();
}
}
catch (Exception e)
{
ConsoleHelper.Error($"Verification failed: {GetExceptionMessage(e)}");
}
} |
Member
|
And we need rpc sign message & verify message as well. It can be more useful in actual scenarios, especially rpc verify message. |
Co-authored-by: Owen <[email protected]>
shargon
reviewed
Dec 11, 2025
| RandomNumberGenerator.Fill(saltBytes); | ||
| var saltHex = saltBytes.ToHexString().ToLowerInvariant(); | ||
|
|
||
| var paramBytes = Encoding.UTF8.GetBytes(saltHex + message); |
Member
There was a problem hiding this comment.
I think we should remove this salt. Perhaps we should have an integer (4 bytes) for ValidUntilBlock, but I don't see why a salt would be useful here
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Porting neo-project/neo#4286 of @adrian-fjellberg
Added use of GetSignData
Added UTs