Status-react: iOS crashes on personal_sign

Hey @flexsurfer - would you have a chance to look at this quickly sometime early in the week? Clovers launches on the 20th, and it'd be nice to figure this one out by then...

hey @okwme thanks for the report, could you please share a snippet of your code that crashes? thanks

Hi @flexsurfer, gladly!
The eth_signTypedData line is right here: https://github.com/clovers-network/clovers-dapp/blob/dev/src/store/actions.js#L494
This seems to work in the app, I put in my password and I see the message that I'd like to sign. After confirming it the app goes black and crashes.

You can see there's a fallback method for using personal_sign right below that. I tried skipping eth_signTypedData in the status app and going straight to that but the app tells me my password is wrong when it prompts me to unlock for signing.

hey @okwme just checked on ios and android works well, JSON.parse(JSON.stringify(msgParams)) why do you have JSON.parse there btw ?

i can't reproduce a crash, but i found the reason why it doesn't work for clovers.network, because a string is expected not JS object, i added a condition to check that message is a string, we'll not show the password field overwise

Hi @flexsurfer
The JSON.parse(JSON.stringify(msgParams)) is to make a copy of the msgParams template, then add the current month & year to it. When it is fed into eth_signTypedData it is an array. I understand that is what eth_signTypedData expects, and when I try it as a string I get an error.

If you are referring to personal_sign you should see that it is in fact receiving a string. This is the msg.Params[0].value part of that.

const msgParams = [
  {
    type: 'string',
    name: 'Message',
    value: 'Please sign this message to authenticate with Clovers - '
  }
]

Here below is the code for eth_signTypedData:

      var now = new Date()
      var signingParams = JSON.parse(JSON.stringify(msgParams))
      var thisMonth = now.getMonth() + '/' + now.getFullYear()
      signingParams[0].value += thisMonth

      global.web3.currentProvider.sendAsync(
        {
          method: 'eth_signTypedData',
          params: [signingParams, account],
          from: account
        },
        (err, { error, result }) => {
          if (error || err) {
            return dispatch('oldSignIn', account)
          } else {
            dispatch('selfDestructMsg', {
              type: 'success',
              msg: 'Successfully signed in'
            })
            commit('SIGN_IN', { account, signature: result })
          }
        }
      )

you can see that in the error catch it tries oldSignIn which uses personal_sign. The value for signingParams[0].value is a string:

        var now = new Date()
        var signingParams = JSON.parse(JSON.stringify(msgParams))
        var thisMonth = now.getMonth() + '/' + now.getFullYear()
        signingParams[0].value += thisMonth

        global.web3.currentProvider.sendAsync({
          jsonrpc: '2.0',
          id: state.networkId || 1,
          method: 'personal_sign',
          params: [
            signingParams[0].value,
            account
          ]
        }, (err, signature) => { ... })

we support eth_signTypedData_v3 i'm not sure if we support eth_signTypedData i'll take a look

do you use this specification https://github.com/ethereum/EIPs/blob/master/EIPS/eip-712.md#specification-of-the-eth_signtypeddata-json-rpc ?

this is code example: https://github.com/dicether/js-eth-personal-sign-examples/blob/master/index.js#L255

oh man yea i think we're using the old version of the new version of signing messages ;_;
thanks for all these links and the support in general, i'm gonna revert to just personal_sign for now. It's working in the app after following the settings in your link ❤️