Bug in tronapi.trx.Trx.verify_message/sign.
oldnote opened this issue · 3 comments
oldnote commented
Code example
TRON_SETTINGS = {
'full_node': 'https://api.shasta.trongrid.io',
'solidity_node': 'https://api.shasta.trongrid.io',
'event_server': 'https://api.shasta.trongrid.io',
}
tron = tronapi.Tron(**TRON_SETTINGS)
account = tron.create_account # XXX: create_account is property.
tron.private_key = account.private_key
tron.default_address = account.address.base58
message = tron.toHex(text='hello')
signed = tron.trx.sign(message)
tron.trx.verify_message(message, signed)Result is always ValueError: Signature does not match.
I've inspected tronapi.trx.Trx.sign and tronapi.trx.Trx.verify_message and found that they have different code for header definition:
tronapi.trx.Trx.sign
# Determine which header to attach to the message
# before encrypting or decrypting
header = TRX_MESSAGE_HEADER if use_tron else ETH_MESSAGE_HEADER
header += str(len(transaction))
message_hash = self.tron.keccak(text=header+transaction)tronapi.trx.Trx.verify_message
# Determine which header to attach to the message
# before encrypting or decrypting
header = TRX_MESSAGE_HEADER if use_tron else ETH_MESSAGE_HEADER
message_hash = self.tron.keccak(text=header+message)Adding header += str(len(message)) string into tronapi.trx.Trx.verify_message fixes the problem.
serderovsh commented
oldnote commented
@serderovsh add new tag please, i can't install version with changes.
birdonwheels5 commented
@Anon731 Can you please provide a complete working code sample with the added header? I'm trying to use your suggestion but not having much luck.
Edit: I ended up using the NodeJS API to correctly match the signature generated with the clientside tronweb API. The python API really shouldn't be doing this differently.