Return to Answer

explain hashing and typeHash

edited Feb 21, 2024 at 5:26

86.6k
54
289
418

EIP-712 is about "hashing and signing of typed structured data".

It does provide "an extensible mechanism for domain separation" which is important for security, but the goal of EIP-712 is to make it clearer to users what they are signing.

Wallets and applications can use EIP-712 to improve the UX of signing.

For example, seeing 2 structs of type Person here is clearer than just seeing names and (wallet) addresses:

Without the typeHash, the user would actually just see a bytestring for signing:

Now if you accept types, then you need a way to make each type unique: a user should know are they signing typeA or typeB. Hashing is a way to do this. A collision is when 2 types hash to the same value. To give an example of a collision described by Alternative 2 in https://eips.ethereum.org/EIPS/eip-712#rationale-for-typehash, see https://www.4byte.directory/signatures/?bytes4_signature=0x01ffc9a7

A user should know are they signing pizza_mandate_apology(uint256) or supportsInterface(bytes4) and Alternative 2 doesn't distinguish and so it wasn't chosen as the way to compute typeHash.

EIP-712 is about "hashing and signing of typed structured data".

It does provide "an extensible mechanism for domain separation" which is important for security, but the goal of EIP-712 is to make it clearer to users what they are signing.

Wallets and applications can use EIP-712 to improve the UX of signing.

For example, seeing 2 structs of type Person here is clearer than just seeing names and (wallet) addresses:

Without the typeHash, the user would actually just see a bytestring for signing:

EIP-712 is about "hashing and signing of typed structured data".

It does provide "an extensible mechanism for domain separation" which is important for security, but the goal of EIP-712 is to make it clearer to users what they are signing.

Wallets and applications can use EIP-712 to improve the UX of signing.

For example, seeing 2 structs of type Person here is clearer than just seeing names and (wallet) addresses:

Without the typeHash, the user would actually just see a bytestring for signing:

Now if you accept types, then you need a way to make each type unique: a user should know are they signing typeA or typeB. Hashing is a way to do this. A collision is when 2 types hash to the same value. To give an example of a collision described by Alternative 2 in https://eips.ethereum.org/EIPS/eip-712#rationale-for-typehash, see https://www.4byte.directory/signatures/?bytes4_signature=0x01ffc9a7

A user should know are they signing pizza_mandate_apology(uint256) or supportsInterface(bytes4) and Alternative 2 doesn't distinguish and so it wasn't chosen as the way to compute typeHash.

answered Feb 17, 2024 at 4:26

86.6k
54
289
418

EIP-712 is about "hashing and signing of typed structured data".

It does provide "an extensible mechanism for domain separation" which is important for security, but the goal of EIP-712 is to make it clearer to users what they are signing.

Wallets and applications can use EIP-712 to improve the UX of signing.

For example, seeing 2 structs of type Person here is clearer than just seeing names and (wallet) addresses:

Without the typeHash, the user would actually just see a bytestring for signing: