You can sign anything with Cardano-Signer now

Developers Cardano Integration
1

Hi,

i built a tool called cardano-signer a while ago, it is capable of signing hex, text and binary data with any key that is used in the cardano environment. it can also do verification. in addition it can generate CIP-0008 signed data and voting registration/deregistration inkl. voting-power delegation via CIP-0036 signed data too.

So if you need a tool on the CLI to sign/verify things, you can use it. Also useful as a debug tool for own development, etc.

Starting with v1.9.0, Cardano-Signer also supports the new deregistration metadata signing for CIP-0036.

Have fun with it, Martin

5 Likes
2

Hey Martin;

I’m trying to find a way to sign the Glacier/Midnight message with only a private key to the wallet that qualifies (no mnemonic). No Cardano wallets support “importing” so I thought your tool would work. It doesn’t seem to run on Ubuntu or Windows (I’m not a dev). Can you suggest anything?

1 Like
3

Hi @BlockBlox-MD ,

Cardano-Signer can be downloaded and extracted from the github link above → releases.

It works on Linux x86_64, Windows, Mac and ARM.

Do you have Cardano CLI Keys or what kind of keys do you have?

Short HowTo:

4

Is it possible to use cardano-signer verify to verify the signed data created by Eternl wallet?

Eg: From within Eternl wallet:

  1. Menu → Settings → App Utilities → Sign Data
  2. Enter my wallet first receive address and “Hello World” as text to sign.
  3. Click sign

The app asks for my password to sign etc. and completes the signature producing the following output:

  • key
  • public key
  • signature

How do I verify this using cardano-signer?

I have tried the following:

node cardano-signer.js verify \
  --cip8 \
  --data "Hello World" \
  --cose-sign1 "The signature output by the Eternl signing app" \
  --cose-key "The public key displayed by the Eternl signing app" \
  --json-extended \
  --include-maps

But I get the following error:

Error: Can’t cbor decode the given COSE_Key signature (Error: Additional info not implemented: 29)

6

Just did a test on my own, that worked normally:

./cardano-signer verify --cip8 \
   --cose-sign1 "845846a2012767616464726573735839011e3e2ae845795216d3374a33add3b49f7b6681c63a0b0226ef9ef83902ec21f74c4743671f0a61c5fb800477616ac701a2568d26709ec61da166686173686564f44b48656c6c6f20576f726c6458404f9c3221f9de8885313be2a3a74e642e4a30817f1ee41544f80fceacf0c711548dfdb0ae8369c9abe980ca098160bf3711dc9d9870a25156695ebd683e4c4b09" \
   --cose-key "a4010103272006215820ec7682865b3b5a08246bb84cdebe5abadac9db730e7d5cab1cbc78d328eff147" \
   --json-extended \
   --include-maps | jq

{
  "workMode": "verify-cip8",
  "result": "true",
  "addressHex": "011e3e2ae845795216d3374a33add3b49f7b6681c63a0b0226ef9ef83902ec21f74c4743671f0a61c5fb800477616ac701a2568d26709ec61d",
  "addressType": "payment base",
  "addressNetwork": "mainnet",
  "payloadDataHex": "48656c6c6f20576f726c64",
  "isHashed": "false",
  "verifyDataHex": "846a5369676e6174757265315846a2012767616464726573735839011e3e2ae845795216d3374a33add3b49f7b6681c63a0b0226ef9ef83902ec21f74c4743671f0a61c5fb800477616ac701a2568d26709ec61d404b48656c6c6f20576f726c64",
  "signature": "4f9c3221f9de8885313be2a3a74e642e4a30817f1ee41544f80fceacf0c711548dfdb0ae8369c9abe980ca098160bf3711dc9d9870a25156695ebd683e4c4b09",
  "publicKey": "ec7682865b3b5a08246bb84cdebe5abadac9db730e7d5cab1cbc78d328eff147",
  "maps": {
    "COSE_Key": {
      "1": 1,
      "3": -8,
      "-1": 6,
      "-2": "0xec7682865b3b5a08246bb84cdebe5abadac9db730e7d5cab1cbc78d328eff147"
    },
    "COSE_Sign1": [
      "0xa2012767616464726573735839011e3e2ae845795216d3374a33add3b49f7b6681c63a0b0226ef9ef83902ec21f74c4743671f0a61c5fb800477616ac701a2568d26709ec61d",
      {
        "hashed": false
      },
      "0x48656c6c6f20576f726c64",
      "0x4f9c3221f9de8885313be2a3a74e642e4a30817f1ee41544f80fceacf0c711548dfdb0ae8369c9abe980ca098160bf3711dc9d9870a25156695ebd683e4c4b09"
    ],
    "verifyData": [
      "Signature1",
      "0xa2012767616464726573735839011e3e2ae845795216d3374a33add3b49f7b6681c63a0b0226ef9ef83902ec21f74c4743671f0a61c5fb800477616ac701a2568d26709ec61d",
      "0x",
      "0x48656c6c6f20576f726c64"
    ],
    "protectedHeader": {
      "1": -8,
      "address": "0x011e3e2ae845795216d3374a33add3b49f7b6681c63a0b0226ef9ef83902ec21f74c4743671f0a61c5fb800477616ac701a2568d26709ec61d"
    }
  }
}
7

You have to use the Cose_Key, not the publicKey.

1 Like
8

From within Eternl I generated a new wallet and selected the first receive address then used the app to sign “Hello World” text.

Then used cardano-signer to verify the output:

node cardano-signer.js verify --cip8 --cose-sign1 "845846a201276761646472657373583901b288317d07c1ef4ae123df1c393d48f6b80e84eaf5d138ceee4927a0733971dfac27e0ee7bb5ce89f3560e7fd76a3edb8e92fe8e86fdd7d9a166686173686564f44b48656c6c6f20576f726c645840856e2d6ab67d9dc691b1af03b35e55e19f6b36c74a7368b7b9eeeb16407a57c52c1366a26c306d4a3f2a89d5e1f67f35c24c09f9e3325770b2685bb673cb1903" --cose-key "69baa9f2315b4be99bf8e064fe4b3be185689bac7a9f2e5c425c30e2a9e3f034" --json-extended --include-maps | jq

Error: Can’t cbor decode the given COSE_Key signature (TypeError: The encoded data was not valid for encoding utf-8)

I used what Eternl printed as the public key as the cose_key.

I guess I need to somehow get a cose_key from that public key that Eternl outputs?

9

you are using the publicKey, you must use the KEY output of eternl. the correct COSE_Key always starts with a4...

2 Likes
10

image
image633Ă—668 29.3 KB

1 Like
11

also, if you need it for backend and faster execution, i highly recommend to compile cardano-signer or use one of the precompiled binaries. :slight_smile:

1 Like
12

Thanks @ATADA . I used the value in “Key” as the cose_key and I think it worked. This is the output:

node cardano-signer.js verify --cip8 --data "Hello World" --cose-sign1 "845846a201276761646472657373583901b288317d07c1ef4ae123df1c393d48f6b80e84eaf5d138ceee4927a0733971dfac27e0ee7bb5ce89f3560e7fd76a3edb8e92fe8e86fdd7d9a166686173686564f44b48656c6c6f20576f726c645840856e2d6ab67d9dc691b1af03b35e55e19f6b36c74a7368b7b9eeeb16407a57c52c1366a26c306d4a3f2a89d5e1f67f35c24c09f9e3325770b2685bb673cb1903" --cose-key "a401010327200621582069baa9f2315b4be99bf8e064fe4b3be185689bac7a9f2e5c425c30e2a9e3f034" --json-extended --include-maps | jq
{
  "workMode": "verify-cip8",
  "result": "true",
  "addressHex": "01b288317d07c1ef4ae123df1c393d48f6b80e84eaf5d138ceee4927a0733971dfac27e0ee7bb5ce89f3560e7fd76a3edb8e92fe8e86fdd7d9",
  "addressType": "payment base",
  "addressNetwork": "mainnet",
  "payloadDataHex": "48656c6c6f20576f726c64",
  "isHashed": "false",
  "verifyDataHex": "846a5369676e6174757265315846a201276761646472657373583901b288317d07c1ef4ae123df1c393d48f6b80e84eaf5d138ceee4927a0733971dfac27e0ee7bb5ce89f3560e7fd76a3edb8e92fe8e86fdd7d9404b48656c6c6f20576f726c64",
  "signature": "856e2d6ab67d9dc691b1af03b35e55e19f6b36c74a7368b7b9eeeb16407a57c52c1366a26c306d4a3f2a89d5e1f67f35c24c09f9e3325770b2685bb673cb1903",
  "publicKey": "69baa9f2315b4be99bf8e064fe4b3be185689bac7a9f2e5c425c30e2a9e3f034",
  "maps": {
    "COSE_Key": {
      "1": 1,
      "3": -8,
      "-1": 6,
      "-2": "0x69baa9f2315b4be99bf8e064fe4b3be185689bac7a9f2e5c425c30e2a9e3f034"
    },
    "COSE_Sign1": [
      "0xa201276761646472657373583901b288317d07c1ef4ae123df1c393d48f6b80e84eaf5d138ceee4927a0733971dfac27e0ee7bb5ce89f3560e7fd76a3edb8e92fe8e86fdd7d9",
      {
        "hashed": false
      },
      "0x48656c6c6f20576f726c64",
      "0x856e2d6ab67d9dc691b1af03b35e55e19f6b36c74a7368b7b9eeeb16407a57c52c1366a26c306d4a3f2a89d5e1f67f35c24c09f9e3325770b2685bb673cb1903"
    ],
    "verifyData": [
      "Signature1",
      "0xa201276761646472657373583901b288317d07c1ef4ae123df1c393d48f6b80e84eaf5d138ceee4927a0733971dfac27e0ee7bb5ce89f3560e7fd76a3edb8e92fe8e86fdd7d9",
      "0x",
      "0x48656c6c6f20576f726c64"
    ],
    "protectedHeader": {
      "1": -8,
      "address": "0x01b288317d07c1ef4ae123df1c393d48f6b80e84eaf5d138ceee4927a0733971dfac27e0ee7bb5ce89f3560e7fd76a3edb8e92fe8e86fdd7d9"
    }
  }
}

But does that confirm that “Hello World” was the correct text signed?

Also, sorry for asking an obviously newb question, but how do I compile your code to a binary? I have cloned your Github repository: GitHub - gitmachtl/cardano-signer: Tool to sign data with a Cardano-Secret-Key // verify data with a Cardano-Public-Key // generate CIP-8, CIP-30, CIP-36 data // sign CIP-100/108/119 documents // generate Cardano keys like payment, stake, drep from a Derivation-Path with/without mnemonics

1 Like
13

Yes this confirms the correct signing of “Hello World”. If you don’t provide it via --data xxx than it takes the payload within the COSE_Sign1 data itself.

For the compiling, i compile it for x64 linux via pkg like:

pkg --compress GZip -t node18-linux-x64 cardano-signer
1 Like