Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

signTypedData_v4 encoding problems on mobile #3132

Closed
Gudahtt opened this issue Sep 16, 2021 · 5 comments
Closed

signTypedData_v4 encoding problems on mobile #3132

Gudahtt opened this issue Sep 16, 2021 · 5 comments
Labels
INVALID-ISSUE-TEMPLATE Issue's body doesn't match any issue template. Sev2-normal An issue that may lead to users misunderstanding some limited risks they are taking stale Issues that have not had activity in the last 90 days team-confirmations Push issues to confirmations team type-bug Something isn't working

Comments

@Gudahtt
Copy link
Member

Gudahtt commented Sep 16, 2021
edited
Loading

Describe the bug
Our signTypedData_v4 implementation has various problems that make it easy to produce non-standard and/or non-portable encodings unintentionally. There are three main problems: our array encoding is not spec-compliant, we don't perform enough input validation, and we don't clearly document how each Solidity type should be encoded in the input data.

Steps to reproduce (REQUIRED)
See the eth-sig-util test suite for examples of nonsense inputs that we still accept or interpret in silly ways, and see this issue for an explanation of the array encoding problem.

Expected behavior
We should ensure our eth_signTypedData implementation is spec-compliant, and that it does not produce non-standard/non-portable encodings, and that there is no remaining ambiguity in how data is interpreted. We can't accomplish these goals without breaking compatibility, so this will have to be released as signTypedData_v5.

See the eth-sig-util `signTypedData_v5 milestone for a list of related issues.

to be added after bug submission by internal support / PM
Severity

  • How critical is the impact of this bug on a user?
  • Add stats if available on % of customers impacted
  • Is this visible to all users?
  • Is this tech debt?
@Gudahtt Gudahtt added the type-bug Something isn't working label Sep 16, 2021
@omnat omnat added the Sev1-high An issue that may have caused fund loss or access to wallet in the past & may still be ongoing label Feb 1, 2022
@Fatxx Fatxx removed the Sev1-high An issue that may have caused fund loss or access to wallet in the past & may still be ongoing label Jun 21, 2022
@sethkfman sethkfman added the stale Issues that have not had activity in the last 90 days label Jun 9, 2023
@github-actions
Copy link
Contributor

This issue was closed because it has been stalled for 7 days with no activity. If you feel this was closed in error please reopen and provide evidence on the current production app. Thank you for your contributions.

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Jun 17, 2023
@Gudahtt Gudahtt reopened this Mar 4, 2024
@Gudahtt Gudahtt removed the stale Issues that have not had activity in the last 90 days label Mar 4, 2024
@github-project-automation github-project-automation bot moved this to To be fixed in Bugs by severity Mar 4, 2024
@bschorchit bschorchit added team-confirmations-system DEPRECATED: please use "team-confirmations" label instead Sev2-normal An issue that may lead to users misunderstanding some limited risks they are taking labels Mar 4, 2024
@github-project-automation github-project-automation bot moved this to To be fixed in Bugs by team Apr 9, 2024
@cryptotavares cryptotavares added the team-confirmations Push issues to confirmations team label Apr 24, 2024
@github-actions GitHub Actions
Copy link
Contributor

This issue has been automatically marked as stale because it has not had recent activity in the last 90 days. It will be closed in 7 days. Thank you for your contributions.

@github-actions github-actions bot added the stale Issues that have not had activity in the last 90 days label Jul 23, 2024
@github-actions GitHub Actions
Copy link
Contributor

This issue was closed because there has been no follow activity in 7 days. If you feel this was closed in error please provide evidence on the current production app in a new issue or comment in the existing issue to a maintainer. Thank you for your contributions.

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Jul 30, 2024
@github-project-automation github-project-automation bot moved this from To be fixed to Fixed in Bugs by team Jul 30, 2024
@github-project-automation github-project-automation bot moved this from To be fixed to Fixed in Bugs by severity Jul 30, 2024
@Gudahtt Gudahtt reopened this Jul 30, 2024
@github-project-automation github-project-automation bot moved this from Fixed to To be fixed in Bugs by severity Jul 30, 2024
@github-project-automation github-project-automation bot moved this from Fixed to To be fixed in Bugs by team Jul 30, 2024
@Gudahtt Gudahtt removed the stale Issues that have not had activity in the last 90 days label Jul 30, 2024
@bschorchit bschorchit removed the team-confirmations-system DEPRECATED: please use "team-confirmations" label instead label Aug 28, 2024
@bschorchit bschorchit changed the title signTypedData_v4 encoding problems signTypedData_v4 encoding problems on mobile Sep 18, 2024
@metamaskbot metamaskbot added the INVALID-ISSUE-TEMPLATE Issue's body doesn't match any issue template. label Sep 18, 2024
@github-actions GitHub Actions
Copy link
Contributor

This issue has been automatically marked as stale because it has not had recent activity in the last 90 days. It will be closed in 7 days. Thank you for your contributions.

@github-actions github-actions bot added the stale Issues that have not had activity in the last 90 days label Dec 17, 2024
@github-actions GitHub Actions
Copy link
Contributor

This issue was closed because there has been no follow activity in 7 days. If you feel this was closed in error please provide evidence on the current production app in a new issue or comment in the existing issue to a maintainer. Thank you for your contributions.

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Dec 24, 2024
@github-project-automation github-project-automation bot moved this from To be fixed to Fixed in Bugs by team Dec 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
INVALID-ISSUE-TEMPLATE Issue's body doesn't match any issue template. Sev2-normal An issue that may lead to users misunderstanding some limited risks they are taking stale Issues that have not had activity in the last 90 days team-confirmations Push issues to confirmations team type-bug Something isn't working
Projects
Bugs by severity
Archived in project
Bugs by team
Status: Fixed
Milestone
No milestone
Development

No branches or pull requests
7 participants
@Fatxx @Gudahtt @sethkfman @cryptotavares @bschorchit @metamaskbot @omnat