What is Ecrecover function in Ethereum digital signatures and how does it secure these signatures?

تابع ecrecover در امضاهای دیجیتال

In Ethereum digital signatures, there is a function called Ecrecover that verifies the authenticity and integrity of the signed information and makes these signatures more secure. In this article to review Ecrecover function in digital signatures we pay But before that, with digital signatures, Digital signature algorithm Based on Elliptic curve (ECDSA)We learn digital signature standards and vulnerabilities in this field. Stay tuned to the country of blockchain.

What is a digital signature?

What is a digital signature?
Source: simplilearn

You’ve probably signed messages with your wallet, but have you ever thought about how it works? Performance Digital signatures Similar to asymmetric encryption. Asymmetric cryptography, also known as public key cryptography, is a process in which data is encrypted and decrypted using a pair of keys.

In digital signatures, a piece of information is signed by hashing the message with the sender’s private key (and obviously hashing the algorithm). This issue, one Hash Digest (Hash Digest or hash fingerprint) It produces a key that can only be recreated using one of the keys in the sender’s key pair. The receiver then uses the sender’s public key to hash the message and declare that it matches the received hash digest. In this way, the recipient can be sure that the sender was the person who signed the message and that the said message has not been altered or tampered with.

Elliptic Curve Digital Signature Algorithm (ECDSA)

If so far the digital signature algorithm based Elliptic curve (ECDSA) have heard, you probably know that this algorithm is one of the most complex and efficient public key encryption algorithms. Keys generated by elliptic curve cryptography are smaller than conventional keys generated by digital signature algorithms. However, these keys can provide the same level of security as other digital signature algorithms.

What is Ecrecover function in digital signatures?

Smart contracts on the platform of the Ethereum network, through Ecrecover function to the verification algorithm ECDSA signature have access This method verifies the authenticity and integrity of any signed information and retrieves the address corresponding to the signer using the VRS scheme and signature hash. VRS stands for Verifiable Ring Signature and means verifiable ring signature. This scheme allows users to sign transactions anonymously in a group; so that it can prove to the verifier that he is the signer of the message.

Signatures are interesting; Because users can confirm their mentioned items without registering the transaction. This feature is very useful because it can improve the user experience and by using Meta-transactions or ERC20-Permit (or ERC-20 permit, which we will talk more about later), reduce the cost of gas.

However, as usual, a better user experience and convenience for users usually comes at the cost of losing their security. For this reason, it is especially important to follow community-developed standards and best practices when interacting with digital signatures.

Digital signature standards

In the field of digital signature standards, we have 3 main types that can be used to sign information with an Ethereum key. These 3 types of standards are:

  • Eth_sign standard: It is the simplest, most powerful and, of course, the most dangerous way to sign messages. This method is used to sign desired information. In this way, users can sign information that enables future transactions without additional confirmations. This feature is very dangerous; Because users may unknowingly sign “unprotected” transactions. For this reason, the use of the eth_sign standard has been reduced.
  • Standard Personal_sign: The EIP-191 proposal has introduced a new format for signing information and ensuring transaction validity. In order to implement this method in Geth (the most popular Ethereum client for connecting a computer to the blockchain of this network), the words “\x19Ethereum Signed Message:\n” + len(message) are added to the beginning of all signed information; Therefore, it becomes impossible to use these signatures as valid transactions.
  • standard signTypedData_v4: The EIP-712 proposal was introduced to standardize the use of signatures in Ethereum and is currently widely used. This method is considered a standard that helps developers avoid common security issues when interacting with signatures.

EIP-712 proposal and its use in Ecrecover function

The main objective EIP-712 Ensuring that users know what they are signing. This EIP provides the transparent content and components of the network and address contract. Finally, this EIP aims to ensure that each signature can only be used by the intended contract.

These requirements and prerequisites combined Hash Domain Separator And Hash Typed Structured Data and their use in ecrecover function are obtained

  • Domain Separator Hash: Domain hash hash or Domain Separator In fact, it is a hash that is calculated and processed from domain information and is used to prevent the use and continuation of a signature in other decentralized applications.
  • Hash Typed Structured Data: The information to be signed is defined using Solidity’s main structures and types.
How to implement the EIP-712 proposal
How to implement the EIP-712 proposal. Source: journal0xrusowsky


Meta-transaction It is a method to separate the people who pay for the gas of the transaction and the people who earn profit from the execution of the transaction.

Users sign the metatransaction and then send it to the operator (note that since there is no interaction with the blockchain, there is no need for a hash to sign). The operator then receives the signed metatransaction, records it on the blockchain, and pays the normal transaction fee.

ERC-20 license or EIP-2612 proposal

The ERC-20 standard requires two different transactions, using a third-party smart contract, to transfer ERC-20 tokens from Externally Owned Account (EOA) transfer

First, the EOA must execute the ERC20.approve() transaction to whitelist the third-party smart contract. The EOA should then call this function from the third-party smart contract, which activates the ERC20.transferFrom() function. In this way, tokens are transferred.

By implementation EIP-2612 Also called ERC20 licensing, this process is simplified by using digital signatures. Using the ERC-20 token, users can sign the desired amount from their wallet and the operator can take care of the rest of the process.

Vulnerabilities and best practices to address them

  • Signature Reply attack: A signature can be used multiple times to perform the intended function, unless precautions are taken. In order to prevent these attacks and exploits, the use of nonces is highly recommended.
  • Signature Malleability: Due to the symmetrical structure of elliptic curves, for each set of v,r,s there is another set of v,r,s that have the same relationship to each other. This leads to the creation of two valid signatures and allows malicious actors and hackers to obtain the valid signature without targeting the private key. The easiest way to fix this vulnerability is to use the library ECDS OpenZeppelin Is.


This article examines the concept digital signature, ecrecover function in digital signatures And we discussed different types of signature standards in the Ethereum network and their vulnerabilities. We must also state that these signatures have completely provided the ground to prevent the occurrence of illegal actions. What do you think about this encryption application and its security? Will digital signature reach its maximum use?



Leave a Reply

Your email address will not be published.