
solana-ed25519-secp256k1-sig-verification's Introduction

Solana Ed25519 and Secp256k1 signature verification

On-chain Ed25519 and Secp256k1 signature verification using instruction introspection.

Built for checking Solana and Ethereum signatures, with examples (see tests).

Why and how

Custom Solana programs have no way to implement Ed25519 or Secp256k1 signature verification on-chain themselves. That's why the native Ed25519Program and the native Secp256k1Program exist: they provide a set of instructions that can, among other things, verify signatures for those curves.

Therefore, the way to build custom instructions that "do" sig verification is to send a transaction made of (at least) two instructions, and to have the custom instruction check that the native program instruction was sent.

In doing so, these are the possible outcomes:

  • ❌ Native program instruction fails -> Custom instruction is never executed.
  • ❌ Native program instruction not supplied or supplied with wrong values -> Custom instruction's check that the Native program instruction was sent with the proper data fails, so the Custom instruction is rejected.
  • ✅ Native program instruction succeeds -> Custom instruction gets executed -> Custom instruction checks that the Native program instruction was sent with the proper data -> If that succeeds, we can say that Custom instruction indirectly verified the signature.

Instruction introspection

solana_program provides the load_instruction_at_checked function on the Instructions Sysvar, which lets us recover the raw fields of an instruction at a given index (the fields are program_id, accounts and data). To check that the instruction was constructed properly, we need to inspect the data byte array manually.
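
The manual inspection described above, as an added example in plain Rust (not the repository's own code). It assumes the single-signature data layout of the native Ed25519 program (2-byte header, seven little-endian u16 offset fields, then public key, signature and message); the names `offsets_header`, `check_ed25519_ix_data` and `encode_ed25519_ix_data` are hypothetical, and checking `program_id` is left to the caller.

```rust
// Added example (not the repository's code): std-only validation of the data
// field of a single-signature Ed25519 native-program instruction.
// Assumed layout: [count u8][padding u8][7 x u16 LE][pubkey 32][sig 64][msg].
const PUBKEY_OFF: usize = 16; // 2-byte header + 14-byte offsets struct
const SIG_OFF: usize = 48; // PUBKEY_OFF + 32
const MSG_OFF: usize = 112; // SIG_OFF + 64
const THIS_IX: u16 = u16::MAX; // index meaning "the bytes are in this instruction"

/// The seven offset fields, in wire order, for the canonical layout.
fn offsets_header(msg_len: u16) -> [u16; 7] {
    let (sig, pk, msg) = (SIG_OFF as u16, PUBKEY_OFF as u16, MSG_OFF as u16);
    [sig, THIS_IX, pk, THIS_IX, msg, msg_len, THIS_IX]
}

/// Hypothetical helper: Ok only when `data` is exactly the canonical encoding
/// of (pubkey, sig, msg). The caller still has to check the program_id.
pub fn check_ed25519_ix_data(
    data: &[u8], pubkey: &[u8; 32], sig: &[u8; 64], msg: &[u8],
) -> Result<(), &'static str> {
    if msg.len() > u16::MAX as usize { return Err("message too long"); }
    if data.len() != MSG_OFF + msg.len() { return Err("unexpected data length"); }
    if data[0] != 1 || data[1] != 0 { return Err("expected exactly one signature"); }
    // Pin every offset and instruction index so the bytes compared below are
    // the same bytes the native program verified.
    let expected = offsets_header(msg.len() as u16);
    for (n, want) in expected.iter().enumerate() {
        let got = u16::from_le_bytes([data[2 + 2 * n], data[3 + 2 * n]]);
        if got != *want { return Err("offsets header mismatch"); }
    }
    if data[PUBKEY_OFF..SIG_OFF] != pubkey[..] { return Err("public key mismatch"); }
    if data[SIG_OFF..MSG_OFF] != sig[..] { return Err("signature mismatch"); }
    if data[MSG_OFF..] != msg[..] { return Err("message mismatch"); }
    Ok(())
}

/// Builds constructed sample input: the canonical encoding for one signature.
pub fn encode_ed25519_ix_data(pubkey: &[u8; 32], sig: &[u8; 64], msg: &[u8]) -> Vec<u8> {
    let mut d = vec![1u8, 0u8];
    for v in offsets_header(msg.len() as u16) { d.extend_from_slice(&v.to_le_bytes()); }
    d.extend_from_slice(pubkey);
    d.extend_from_slice(sig);
    d.extend_from_slice(msg);
    d
}

fn main() {
    // Constructed placeholder bytes, not a real key or signature.
    let (pk, sig, msg) = ([7u8; 32], [9u8; 64], b"hello");
    let data = encode_ed25519_ix_data(&pk, &sig, msg);
    println!("{:?}", check_ed25519_ix_data(&data, &pk, &sig, msg));
}
```

The comparison is only meaningful together with the native instruction having succeeded earlier in the same transaction; this check confirms what was verified, not that it verifies.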

Building and testing

Install Anchor first.

There are two test files with the same concepts: one, signing using a Solana keypair (Ed25519 signatures); the other one, using an Ethereum Wallet (Secp256k1 signatures).

yarn install
anchor test

solana-ed25519-secp256k1-sig-verification's People

Contributors

guidodipietro


solana-ed25519-secp256k1-sig-verification's Issues

Wallet adapter signMessage

The signature of MessageSign on the wallet adapter differs from @noble/ed25519. Would you happen to have any idea?

Error with compiling on "anchor test"

Hi there, I'm trying to run and test the project, but on "anchor test" I receive the following error:

error: target is not supported, for more information see: https://docs.rs/getrandom/#unsupported-targets
   --> src/lib.rs:267:9
    |
267 | /         compile_error!("\
268 | |             target is not supported, for more information see: \
269 | |             https://docs.rs/getrandom/#unsupported-targets\
270 | |         ");
    | |__________^

error[E0433]: failed to resolve: use of undeclared crate or module `imp`
   --> src/lib.rs:291:5
    |
291 |     imp::getrandom_inner(dest)
    |     ^^^ use of undeclared crate or module `imp`

For more information about this error, try `rustc --explain E0433`.
error: could not compile `getrandom` (lib) due to 2 previous errors
warning: build failed, waiting for other jobs to finish...

Steps to reproduce:

  • clone repository
  • yarn install
  • anchor test

Versions
Yarn: 1.22.19
Anchor: tried on 0.21.0 and 0.29.0
Node: v16.20.2

Environment:
WSL Ubuntu-20.04

[SOLVED]: Verifying NFC chip signature

I am attempting to verify a signature from an NFC chip using this program. Here is an example of the signature it emits:

{
  "input": {
    "keyNo": 1,
    "digest": "bcf83051a4d206c6e43d7eaa4c75429737ac0d5ee08ee68430443bd815e6ac05",
    "message": "010203"
  },
  "signature": {
    "raw": {
      "r": "93137bc7bfeaa86e26c6a9bbd6fb8acdf73ed5fd232cc2be1a0714f583f04d2e",
      "s": "7f5d7c2461daf8649587c3c510fce05a74146cbe79341427065d0d878d154a1b",
      "v": 27
    },
    "der": "304602210093137bc7bfeaa86e26c6a9bbd6fb8acdf73ed5fd232cc2be1a0714f583f04d2e02210080a283db9e25079b6a783c3aef031fa4469a702836148c14b97551054320f726",
    "ether": "0x93137bc7bfeaa86e26c6a9bbd6fb8acdf73ed5fd232cc2be1a0714f583f04d2e7f5d7c2461daf8649587c3c510fce05a74146cbe79341427065d0d878d154a1b1b"
  },
  "publicKey": "046ca7458b4c8c4f9a196094bda5f01ac1e588f6604bc2f7a58ba4d1fa3c3cb9102720bdb43f73972ea3dfc1c6ab8a6cb7d14114765eb76ff0fb2df34a5f7cab56",
  "etherAddress": "0x1aaBF638eC3c4A5C2D5cD14fd460Fee2c364c579"
}

  1. Is it possible to verify this signature using this program?
  2. If so, can you provide a test case that does verify it?

Thank you in advance for the help!

[SOLVED]: Why can't we verify through a CPI?

  1. After reading your check_ed25519_data function, I wonder: isn't it sufficient to verify {msg, signature, pubkey} without IX data? In my experience on Ethereum, we can recover the public key from the signature and compare it against pubkey.

  2. Your Tx is composed of 2 instructions; the first one is the sig verification IX. I think this first IX does the verification as well, so why do we need to check the sig again in the second IX?

How to verify signature of a signed message in PHP?

I’m currently trying to verify a signed message with Phantom in PHP but I haven’t found any resources. If anyone can explain the theory of cryptography to me or knows a package to do this, I would be very happy!
