Skip to content

[PROTOCOL]: Is there a way to sign arbitrary external messages? #172

New issue
New issue
Open
Open
[PROTOCOL]: Is there a way to sign arbitrary external messages?#172
Assignees
thekiba
Labels
questionFurther information is requested
@pepeic

Description

@pepeic
pepeic
opened on May 30, 2024

Your Question

In the title. This is general question, since I don't see any api which would allow that.

Context

I'm making a telegram bot which should charge some amount of money from users every month depending on their subscription plan.
I've learned that V4 wallets allow doing that via plugins. I also found this example contract which does exactly that.
However the issue is that I need to send signed external message to the wallet contract. And thats my issue, I didn't find a way to sign the message.

What have you tried so far?

Maybe I'm missing something, but I've checked a lot of sources and docs before writing this issue.
All the sources I've read so far were using private key, in most cases derived directly from mnemonics which is unacceptable absurd nonsense cos nobody gonna give their private keys nor mnemonics to third parties unless these are wallets. These examples also ain't suitable for obvious reasons in my case anyway.
I also found Sign Data request which at first seemed like what I was looking for but it wasn't, because according to the documentation signature will be computed after internally transforming the data. To make it clear what I mean Sign Data will compute signature from the data transformed this way:
signature_from_sign_data = ed25519(uint32be(schema_crc) ++ uint64be(timestamp) ++ cell_hash(X))
while V4 wallet contract will check signature for the whole hashed message after signature data, which will look like this:
signature_expected_by_wallet = ed25519(cell_hash(X[64..]))
So it is obvious signature_from_sign_data won't match signature_expected_by_wallet unless there's sha512 hash collision which is used under the hood of ed25519 signing algorithm which is almost impossible scenario, means the Sign Data method is not suitable in my case.

I know my question may look silly but after doing my own research I didn't find anything suitable. I'm new to the TON blockchain and maybe missing something, but I believe there must be a way to do that cos otherwise there should be no reason to document this and state that there are bots which can do this.

Relevant Code or Commands

No response

Documentation Check

  • Yes, I have checked the documentation.

Metadata

Metadata

Assignees

Labels

questionFurther information is requested

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions