diff --git a/EIPS/eip-7749.md b/EIPS/eip-7749.md index e04c7e1a1263f6..7b266d95e9067b 100644 --- a/EIPS/eip-7749.md +++ b/EIPS/eip-7749.md @@ -44,15 +44,40 @@ This method adds a prefix to the message to prevent malicious dApps from signing #### Parameters -1. `DATA` - 20-byte account address: The address signing the constructed message. -2. `DATA` - 20-byte account address: The intended validator address included in the message to sign. -3. `DATA` - Data string: The data to sign. +```js +interface WalletSignIntendedValidatorDataParams { + signerAddress: string; + validatorAddress: string; + dataToSign: string; +} +``` + + +1. `signerAddress` - 20-byte account address: The address signing the constructed message. +2. `validatorAddress` - 20-byte account address: The intended validator address included in the message to sign. +3. `dataToSign` - Data string: The data to sign. #### Returns -`DATA` - Signature. +`Signature` - The Ethereum Signature generated. + +## Rationale + +The `wallet_signIntendedValidatorData` method aims to bridge the gap between the simplicity of ERC-191 version 0x45 and the structured approach of EIP-712. By specifying the intended validator address, it reduces phishing risks and provides a more secure signing method for smart contract accounts and other use cases requiring a specific validator address. + +## Backwards Compatibility + +No backward compatibility issues found. -#### Example +## Test Cases + +### Example + +- Signer Address (`0x6aFbBC5e6AFcB251371711a6551E60ead2779Dc0`): This is the address of the account that will be used to sign the constructed message. We have access to the private key of this address, which allows us to generate the signature securely. + +- Verifier Address (`0x345B918b9E06fAa7B0e56bd71Ba418F31F47FED4`): This address represents the address verfying the signature, could be an EOA or a smart contract. For example, it could be a contract that performs specific actions based on the validity of the signature. By including this address in the data to be signed, we ensure that the signature cannot be reused by malicious actors for unintended purposes. + +- Data to Sign (`0x59616d656e`): This is the hex-encoded string representing the actual content to be signed. In this example, it is the hex encoding for the ASCII string "Yamen". The data, combined with the verifier address, is hashed and signed to generate a unique signature that cannot be used for any other purpose. **Request:** @@ -83,13 +108,7 @@ curl -X POST --data '{"jsonrpc":"2.0","method":"wallet_signIntendedValidatorData } ``` -## Rationale - -The `wallet_signIntendedValidatorData` method aims to bridge the gap between the simplicity of ERC-191 version 0x45 and the structured approach of EIP-712. By specifying the intended validator address, it reduces phishing risks and provides a more secure signing method for smart contract accounts and other use cases requiring a specific validator address. - -## Backwards Compatibility - -No backward compatibility issues found. +The result field contains the Ethereum signature generated by signing the hashed message according to version 0 of ERC-191. ## Security Considerations