-
Notifications
You must be signed in to change notification settings - Fork 11.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add strict ERC1271 Signature Checking in SignatureChecker library #3912
Comments
I'm confused by the code snippets, what is If someone is only interested in 1271 signatures, why not directly call |
Sorry @frangio , my code snippets confused you, the whole idea is to have an internal function that:
In this way, people can use it without having to do the low-level call again and handle the return value so it doesn't revert if the function doesn't exist. |
Got it, this makes sense. I'm less sure about the proposed return values. Why shouldn't we just return a boolean? |
I also think this should return a boolean.
looks good to me. |
is still dont understand what |
@Zatacka It was just an example to showcase how
So instead of doing all of these checks, they could be provided by |
🧐 Motivation
In the current
SignatureChecker
library, there is support to check if a signature is valid with theisValidSignatureNow(..)
function that checks the following:hash
andsignature
recover an address that is the same as thesigner
, it returns true.isValidSignature(..)
on thesigner
assuming it's a contract.What would be a great addition to the library is to have another internal function that checks if a signature is valid with ERC1271 only. So calling
isValidSignature(..)
directly on the signer.This function will be useful for functions that want to check the signature only via ERC1271. Then this internal function can be re-used in
isValidSignatureNow(..)
.📝 Details
The only thing that I would argue is that the newly created internal function, e.g
isValidERC1271SignatureNow(..)
should return the standard 4 bytes that will be returned by the function in case it's there, and if the function doesn't exist we can return the0xffffffff
fail value.In this way, people can use directly in isValidSignature standard function:
instead of having the following:
In this way, people are doing the work twice in the standard function:
The code above is doing the work twice, first in
isValidERC1271SignatureNow
, we are comparing thereturnValue
to return a boolean, and then inisValidSignature(..)
we are checking the boolean again to return the bytes4 value.This function will be mainly used for signature checking related to ERC1271, if you think this issue is relevant, let's discuss.
The text was updated successfully, but these errors were encountered: