Added Transaction and Signature support for non-canonical S values (#4223, #5013).

ricmoo · ricmoo · commit 855d72728aaa · 2025-09-05T22:21:12.000-04:00
diff --git a/src.ts/crypto/signature.ts b/src.ts/crypto/signature.ts
@@ -18,7 +18,10 @@ const BN_2 = BigInt(2);
 const BN_27 = BigInt(27);
 const BN_28 = BigInt(28);
 const BN_35 = BigInt(35);
+const BN_N = BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141");
+const BN_N_2 = BN_N / BN_2; // Must be integer (floor) division; do NOT shifts
 
+const inspect = Symbol.for("nodejs.util.inspect.custom");
 
 const _guard = { };
 
@@ -103,7 +106,8 @@ export class Signature {
      *  Returns true if the Signature is valid for [[link-eip-2]] signatures.
      */
     isValid(): boolean {
-        return (parseInt(this.#s.substring(0, 3)) < 8);
+        const s = BigInt(this.#s);
+        return (s <= BN_N_2);
     }
 
     /**
@@ -184,8 +188,25 @@ export class Signature {
         this.#networkV = null;
     }
 
-    [Symbol.for('nodejs.util.inspect.custom')](): string {
-        return `Signature { r: "${ this.r }", s: "${ this._s }"${ this.isValid() ? "": ', valid: "false"'}, yParity: ${ this.yParity }, networkV: ${ this.networkV } }`;
+    /**
+     *  Returns the canonical signature.
+     *
+     *  This is only necessary when dealing with legacy transaction which
+     *  did not enforce canonical S values (i.e. [[link-eip-2]]. Most
+     *  developers should never require this.
+     */
+    getCanonical(): Signature {
+        if (this.isValid()) { return this; }
+
+        // Compute the canonical signature; s' = N - s, v = !v
+        const s = BN_N - BigInt(this._s);
+        const v = <27 | 28>(55 - this.v);
+        const result = new Signature(_guard, this.r, toUint256(s), v);
+
+        // Populate the networkV if necessary
+        if (this.networkV) { result.#networkV =  this.networkV; }
+
+        return result;
     }
 
     /**
@@ -209,6 +230,17 @@ export class Signature {
         };
     }
 
+    [inspect](): string {
+        return this.toString();
+    }
+
+    toString(): string {
+        if (this.isValid()) {
+            return `Signature { r: ${ this.r }, s: ${ this._s }, v: ${ this.v } }`;
+        }
+        return `Signature { r: ${ this.r }, s: ${ this._s }, v: ${ this.v }, valid: false }`;
+    }
+
     /**
      *  Compute the chain ID from the ``v`` in a legacy EIP-155 transactions.
      *
diff --git a/src.ts/transaction/transaction.ts b/src.ts/transaction/transaction.ts
@@ -20,14 +20,15 @@ import type {
     AccessList, AccessListish, Authorization, AuthorizationLike
 } from "./index.js";
 
-
 const BN_0 = BigInt(0);
 const BN_2 = BigInt(2);
 const BN_27 = BigInt(27)
 const BN_28 = BigInt(28)
 const BN_35 = BigInt(35);
 const BN_MAX_UINT = BigInt("0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");
 
+const inspect = Symbol.for("nodejs.util.inspect.custom");
+
 const BLOB_SIZE = 4096 * 32;
 
 // The BLS Modulo; each field within a BLOb must be less than this
@@ -318,7 +319,7 @@ function formatAuthorizationList(value: Array<Authorization>): Array<Array<strin
             formatNumber(a.nonce, "nonce"),
             formatNumber(a.signature.yParity, "yParity"),
             toBeArray(a.signature.r),
-            toBeArray(a.signature.s)
+            toBeArray(a.signature._s)
         ];
     });
 }
@@ -434,7 +435,7 @@ function _serializeLegacy(tx: Transaction, sig: null | Signature): string {
     // Add the signature
     fields.push(toBeArray(v));
     fields.push(toBeArray(sig.r));
-    fields.push(toBeArray(sig.s));
+    fields.push(toBeArray(sig._s));
 
     return encodeRlp(fields);
 }
@@ -895,6 +896,20 @@ export class Transaction implements TransactionLike<string> {
         this.#sig = (value == null) ? null: Signature.from(value);
     }
 
+    isValid(): boolean {
+        const sig = this.signature;
+        if (sig && !sig.isValid()) { return false; }
+
+        const auths = this.authorizationList;
+        if (auths) {
+            for (const auth of auths) {
+                if (!auth.signature.isValid()) { return false; }
+            }
+        }
+
+        return true;
+    }
+
     /**
      *  The access list.
      *
@@ -1104,15 +1119,15 @@ export class Transaction implements TransactionLike<string> {
      */
     get from(): null | string {
         if (this.signature == null) { return null; }
-        return recoverAddress(this.unsignedHash, this.signature);
+        return recoverAddress(this.unsignedHash, this.signature.getCanonical());
     }
 
     /**
      *  The public key of the sender, if signed. Otherwise, ``null``.
      */
     get fromPublicKey(): null | string {
         if (this.signature == null) { return null; }
-        return SigningKey.recoverPublicKey(this.unsignedHash, this.signature);
+        return SigningKey.recoverPublicKey(this.unsignedHash, this.signature.getCanonical());
     }
 
     /**
@@ -1315,6 +1330,53 @@ export class Transaction implements TransactionLike<string> {
         };
     }
 
+    [inspect](): string {
+        return this.toString();
+    }
+
+    toString(): string {
+        const output: Array<string> = [ ];
+        const add = (key: string) => {
+            let value = (<any>this)[key];
+            if (typeof(value) === "string") { value = JSON.stringify(value); }
+            output.push(`${ key }: ${ value }`);
+        };
+
+        if (this.type) { add("type"); }
+        add("to");
+        add("data");
+        add("nonce");
+        add("gasLimit");
+        add("value");
+        if (this.chainId != null) { add("chainId"); }
+        if (this.signature) {
+            add("from");
+            output.push(`signature: ${ this.signature.toString() }`);
+        }
+
+        // @TODO: accessList
+
+        // @TODO: blobs (might make output huge; maybe just include a flag?)
+
+        const auths = this.authorizationList;
+        if (auths) {
+            const outputAuths: Array<string> = [ ];
+            for (const auth of auths) {
+                const o: Array<string> = [ ];
+                o.push(`address: ${ JSON.stringify(auth.address) }`);
+                if (auth.nonce != null) { o.push(`nonce: ${ auth.nonce }`); }
+                if (auth.chainId != null) { o.push(`chainId: ${ auth.chainId }`); }
+                if (auth.signature) {
+                    o.push(`signature: ${ auth.signature.toString() }`);
+                }
+                outputAuths.push(`Authorization { ${ o.join(", ") } }`);
+            }
+            output.push(`authorizations: [ ${ outputAuths.join(", ") } ]`);
+        }
+
+        return `Transaction { ${ output.join(", ") } }`;
+    }
+
     /**
      *  Create a **Transaction** from a serialized transaction or a
      *  Transaction-like object.
