chore: add magic number to sign payload of typed data

src/utils/crypto.ts

@@ -157,11 +157,13 @@ export function verify(
   return nacl.sign.detached.verify(data, signature, decode(address));
 }
 
+const messagePrefix = Buffer.from('aeternity Signed Message:\n', 'utf8');
+export const messagePrefixLength = varuintEncode(messagePrefix.length);
+
 // TODO: consider rename to hashMessage
 export function messageToHash(message: string): Buffer {
-  const p = Buffer.from('aeternity Signed Message:\n', 'utf8');
   const msg = Buffer.from(message, 'utf8');
-  return hash(concatBuffers([varuintEncode(p.length), p, varuintEncode(msg.length), msg]));
+  return hash(concatBuffers([messagePrefixLength, messagePrefix, varuintEncode(msg.length), msg]));
 }
 
 export function signMessage(message: string, privateKey: string | Buffer): Uint8Array {

src/utils/typed-data.ts

@@ -7,7 +7,7 @@ import ContractByteArrayEncoder from '@aeternity/aepp-calldata/src/ContractByteA
 import AciTypeResolver from '@aeternity/aepp-calldata/src/AciTypeResolver.js';
 import canonicalize from 'canonicalize';
 import { Encoded, decode } from './encoder';
-import { hash } from './crypto';
+import { hash, messagePrefixLength } from './crypto';
 import { concatBuffers } from './other';
 
 /**
@@ -89,5 +89,7 @@ export function hashTypedData(
   aci: AciValue,
   domain: Domain,
 ): Buffer {
-  return hash(concatBuffers([hashDomain(domain), hashJson(aci), hash(decode(data))]));
+  return hash(concatBuffers([
+    messagePrefixLength, new Uint8Array([0]), hashDomain(domain), hashJson(aci), hash(decode(data)),
+  ]));
 }

test/integration/typed-data.ts

@@ -71,12 +71,12 @@ describe('typed data', () => {
   describe('hashTypedData', () => {
     it('hashes int', async () => {
       const hash = hashTypedData(plainData, plainAci, domain);
-      expect(hash.toString('base64')).to.be.equal('dx3qpMQlMMijJAWfbecuoqsKDESjXZ0XoOfy7WIpRO0=');
+      expect(hash.toString('base64')).to.be.equal('XoUMXvMeNlw9taOVS+QTUlMNP0LUV/4wYX9dEuX/S+E=');
     });
 
     it('hashes record', async () => {
       const hash = hashTypedData(recordData, recordAci, domain);
-      expect(hash.toString('base64')).to.be.equal('WagBbUVTNJ+q/PUYUJbOno+pNM5Z1XNvdIZ4cLjiTwU=');
+      expect(hash.toString('base64')).to.be.equal('Rl4vsrwkDaEu6FXUHf4WMmIBESYJLGijJSLWyIrNPsg=');
     });
   });
 
@@ -120,7 +120,8 @@ describe('typed data', () => {
           + '\n  entrypoint hashTypedData(parameter: int): hash ='
           + `\n    let typeHash = Crypto.blake2b("${typeJson}")`
           + '\n    let dataHash = Crypto.blake2b(getTypedData(parameter))'
-          + '\n    Crypto.blake2b(Bytes.concat(getDomainHash(), Bytes.concat(typeHash, dataHash)))'
+          + '\n    let payload = Bytes.concat(getDomainHash(), Bytes.concat(typeHash, dataHash))'
+          + '\n    Crypto.blake2b(Bytes.concat(#1a00, payload))'
           + '\n'
           + '\n  entrypoint verify(parameter: int, pub: address, sig: signature): bool ='
           + '\n    require(parameter > 40 && parameter < 50, "Invalid parameter")'