Merge PR #3968: Documentation on how to sign Cosmos transactions
This commit is contained in:
parent
2ca86c8605
commit
2788c2250d
|
@ -121,3 +121,69 @@ mechanism for instance.
|
|||
In order to generate an unsigned transaction (example with
|
||||
[coin transfer](https://cosmos.network/rpc/#/ICS20/post_bank_accounts__address__transfers)),
|
||||
you need to use the field `generate_only` in the body of `base_req`.
|
||||
|
||||
## Cosmos SDK Transaction Signing
|
||||
|
||||
Cosmos SDK transaction signing is a fairly simple process.
|
||||
|
||||
Every Cosmos SDK transaction has a canonical JSON representation. The `gaiacli`
|
||||
and Stargate REST interfaces provide canonical JSON representations of transactions
|
||||
and their "broadcast" functions will provide compact Amino (a protobuf-like wire format)
|
||||
encoding translations.
|
||||
|
||||
Things to know when signing messages:
|
||||
|
||||
The format is as follows
|
||||
|
||||
```json
|
||||
{
|
||||
"account_number": XXX,
|
||||
"chain_id": XXX,
|
||||
"fee": XXX,
|
||||
"sequence": XXX,
|
||||
"memo": XXX,
|
||||
"msgs": XXX
|
||||
}
|
||||
```
|
||||
|
||||
The signer must supply `"chain_id"`, `"account number"` and `"sequence number"`.
|
||||
|
||||
The `"fee"`, `"msgs"` and `"memo"` fields will be supplied by the transaction
|
||||
composer interface.
|
||||
|
||||
The `"account_number"` and `"sequence"` fields can be queried directly from the
|
||||
blockchain or cached locally. Getting these numbers wrong, along with the chainID,
|
||||
is a common cause of invalid signature error. You can load the mempool of a full
|
||||
node or validator with a sequence of uncommitted transactions with incrementing
|
||||
sequence numbers and it will mostly do the correct thing.
|
||||
|
||||
Before signing, all keys are lexicographically sorted and all white space is
|
||||
removed from the JSON output.
|
||||
|
||||
The signature encoding is the 64-byte concatenation of ECDSArands (i.e. `r || s`),
|
||||
where `s` is lexicographically less than its inverse in order to prevent malleability.
|
||||
This is like Ethereum, but without the extra byte for PubKey recovery, since
|
||||
Tendermint assumes the PubKey is always provided anyway.
|
||||
|
||||
Signatures and public key examples in a signed transaction:
|
||||
|
||||
``` json
|
||||
{
|
||||
"type": "auth/StdTx",
|
||||
"value": {
|
||||
"msg": [...],
|
||||
"signatures": [
|
||||
{
|
||||
"pub_key": {
|
||||
"type": "tendermint/PubKeySecp256k1",
|
||||
"value": XXX
|
||||
},
|
||||
"signature": XXX
|
||||
}
|
||||
],
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
Once signatures are properly generated, insert the JSON into into the generated
|
||||
transaction and then use the broadcast endpoint.
|
||||
|
|
Loading…
Reference in New Issue