Signatures for custom networks don't round trip
leighmcculloch opened this issue · comments
I'm having trouble getting a custom network passphrase to be used as verified successfully. If I sign a transaction using stc
with a custom network and then parse that transaction with stc
, the signature has a comment in parenthesis saying it is invalid. When I attempt to verify the transaction myself it appears to be invalid.
$ export STCDIR=$(mktemp -d)
$ export STCNET=sidenet
$ echo '[net "sidenet"]
network-id = "Sidenet"
native-asset = USD' > $STCDIR/$STCNET.net
$ account1=$(stc -nopass -keygen account1 | head -n1)
$ account2=$(stc -nopass -keygen account2 | head -n1)
$ signer=$(stc -nopass -keygen signer | head -n1)
$ echo -n "type: ENVELOPE_TYPE_TX
tx.sourceAccount: $account1
tx.seqNum: 1
tx.operations.len: 1
tx.operations[0].sourceAccount._present: false
tx.operations[0].body.type: PAYMENT
tx.operations[0].body.paymentOp.destination: $account2
tx.operations[0].body.paymentOp.asset: XLM
tx.operations[0].body.paymentOp.amount: 2" | stc -c -key signer -
AAAAAgAAAACRvmF5v6x7nFm74hWvLFeuDlX19dGiG1V5FPnIxT3BbgAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAQAAAAAAAAABAAAAAMKllbWMqkk4QRxkT9UBYBlTAc6HQ/BWETHi2IgzvMi9AAAAAAAAAAAAAAACAAAAAAAAAAEsRDafAAAAQMoiXGJlIEHZhxbCDT6eGyDHjHifw9sBwz2325ddLBh9wJw47ez/q5KyjnW1qo/tD91asxXXP0IcuLLQ0wV6Gws=
Take the output and pipe it back in and I see this:
$ echo -n 'AAAAAgAAAACRvmF5v6x7nFm74hWvLFeuDlX19dGiG1V5FPnIxT3BbgAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAQAAAAAAAAABAAAAAMKllbWMqkk4QRxkT9UBYBlTAc6HQ/BWETHi2IgzvMi9AAAAAAAAAAAAAAACAAAAAAAAAAEsRDafAAAAQMoiXGJlIEHZhxbCDT6eGyDHjHifw9sBwz2325ddLBh9wJw47ez/q5KyjnW1qo/tD91asxXXP0IcuLLQ0wV6Gws=' | stc -
type: ENVELOPE_TYPE_TX
tx.sourceAccount: GCI34YLZX6WHXHCZXPRBLLZMK6XA4VPV6XI2EG2VPEKPTSGFHXAW5BKN
tx.fee: 0
tx.seqNum: 1
tx.timeBounds._present: false
tx.memo.type: MEMO_NONE
tx.operations.len: 0
tx.ext.v: 0
signatures.len: 1
signatures[0].hint: 2c44369f (bad signature/unknown key/sidenet is wrong network)
signatures[0].signature: 83e5a0aceb3c15be1eff154a02300d567acbedf5c8e4a9d96c3a8069fa681761ae07fd299feb8b8a4facbc2a3f9ec3326c372d58ea908eda2685bc3357da010c
🤦 I realize my mistake here, I'm signing with signer and the tool has no way to know that signer is a signer of the account.