ETH Signature Challenges
ETH Signature Challenges are a type of approval criteria that require users to provide valid Ethereum signatures from a predetermined signer to complete transfers. The signer approves the address by signing a message that contains the address and a nonce. This feature allows for secure, on-chain verification of off-chain authorization without the complexity of Merkle trees.
Overview
ETH Signature Challenges work by requiring users to provide Ethereum signatures that prove they have authorization from specific Ethereum addresses. Each signature can only be used once, preventing replay attacks and ensuring the security of the approval system.
How It Works
Signature Scheme
The signature scheme follows the pattern:
ETHSign(nonce + "-" + creatorAddress)
Where:
nonce
: A unique identifier provided by the usercreatorAddress
: The address of the collection creator-
: A literal dash character separating the two values
Challenge Structure
Each ETH Signature Challenge contains:
signer
: The Ethereum address that must sign the challengechallengeTrackerId
: Unique identifier for tracking used signaturesuri
: Optional metadata URIcustomData
: Optional custom data
Proof Structure
Users provide ETH Signature Proofs containing:
nonce
: The nonce that was signedsignature
: The Ethereum signature of the nonce
Key Features
One-Time Use Signatures
Each signature can only be used once per challenge tracker. This prevents:
Replay attacks
Double-spending of approvals
Unauthorized reuse of signatures
Multiple Signers
You can require signatures from multiple Ethereum addresses in a single approval:
{
"ethSignatureChallenges": [
{
"signer": "0x1234567890123456789012345678901234567890",
"challengeTrackerId": "challenge1"
},
{
"signer": "0x0987654321098765432109876543210987654321",
"challengeTrackerId": "challenge2"
}
]
}
Implementation Details
Signature Verification
The system verifies signatures by:
Reconstructing the signed message:
nonce + "-" + creatorAddress
Recovering the signer address from the signature
Comparing the recovered address with the expected
signer
addressChecking that the signature hasn't been used before
Storage
Used signatures are tracked in the blockchain state using:
Key:
ETHSignatureTrackerKey
with challenge tracker IDValue: Number of times the signature has been used (increment-only per tracker ID)
Quick Reference
Interface Definitions
interface ETHSignatureChallenge {
signer: string; // Ethereum address that must sign
challengeTrackerId: string; // Unique ID for tracking used signatures
uri?: string; // Optional metadata URI
customData?: string; // Optional custom data
}
interface ETHSignatureProof {
nonce: string; // The nonce that was signed
signature: string; // Ethereum signature
}
Error Handling
Common error scenarios:
Invalid Signature: Signature doesn't match the expected signer
Already Used: Signature has been used before
Missing Proof: Required ETH signature proof not provided
Invalid Nonce: Nonce format or content is invalid
The system provides clear error messages to help users understand and resolve issues.
Last updated