Signature Validation

Recommended approaches to signature validation.

One of the most notable differences between various types of accounts to be built is different signature schemes. We expect accounts to support the EIP-1271 standard.

OpenZeppelin Libraries

The @openzeppelin/contracts/utils/cryptography/SignatureChecker.sol library provides a way to verify signatures for different account implementations. We strongly encourage you to use this library whenever you need to check that a signature of an account is correct.

Adding the library to your project

npm add @openzeppelin/contracts

Example of using the library

pragma solidity ^0.8.0;

import { SignatureChecker } from "@openzeppelin/contracts/utils/cryptography/SignatureChecker.sol";

contract TestSignatureChecker {
    using SignatureChecker for address;

    function isValidSignature(
        address _address,
        bytes32 _hash,
        bytes memory _signature
    ) public pure returns (bool) {
        return _address.isValidSignatureNow(_hash, _signature);
    }
}

Verifying AA signatures

Our SDK provides two methods within utils to verify the signature of an account: isMessageSignatureCorrect and isTypedDataSignatureCorrect.

import { utils, EIP712Signer } from "zksync-ethers";

const isValidMessageSignature = await utils.isMessageSignatureCorrect(provider, ADDRESS, message, messageSignature);

const isValidTypesSignature = await utils.isTypedDataSignatureCorrect(provider, ADDRESS, await eip712Signer.getDomain(), utils.EIP712_TYPES, EIP712Signer.getSignInput(tx), typedSignature);

Currently these methods only support verifying ECDSA signatures, but very soon they will support EIP1271 signature verification as well.

Both of these methods return true or false depending on whether the message signature is correct.

It is not recommended to use the ethers.js library to verify user signatures.

Validating Secp256r1 Signatures

The P256Verify precompile is available to validate secp256r1 signatures.

address constant P256 = 0x0000000000000000000000000000000000000100;

/**
* input[  0: 32] = signed data hash
* input[ 32: 64] = signature r
* input[ 64: 96] = signature s
* input[ 96:128] = public key x
* input[128:160] = public key y
*/
bytes memory input = abi.encodePacked(
    hash,
    rs[0],
    rs[1],
    pubKey[0],
    pubKey[1]
);

(bool __, bytes memory output) = P256.staticcall(input);
// if signature is valid:
// output = 0x0000000000000000000000000000000000000000000000000000000000000001
// if signature is NOT valid:
// output.length == 0

You can find a more in-depth example showing how it can be used in the "Signing Transactions with WebAuthn" tutorial.

Building Smart Accounts

Discover the process of building custom smart accounts.

Extending EIP-4337

Overview of the extensions to ZKsync's native Account Abstraction from EIP4337.

Made with ❤️ by the ZKsync Community