Skip to content

fix: normalize signature v value for proper recovery #250

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
cloudonshore wants to merge 1 commit into from
Closed

fix: normalize signature v value for proper recovery #250

cloudonshore wants to merge 1 commit into from

Conversation

@cloudonshore
Copy link

@cloudonshore cloudonshore commented Jan 29, 2026
edited by cursor bot
Loading

Summary

Ledger devices may return signature v as 0 or 1 (modern format), but Ethereum's ecrecover expects 27 or 28 (Yellow Paper §F). This causes "The signature doesnt match the right address" errors in signPersonalMessage and signTypedData.

Fix

if (v === 0 || v === 1) {
  v += 27;
}

Why This Wasn't Fixed Before

Original bug (pre-2022): The code subtracted 27 from v:

let v = payload.v - 27  // WRONG

This converted correct values (27/28) into incorrect ones (0/1).

PR #152 (August 2022): Changed to pass through the raw value:

let v = parseInt(payload.v, 10)  // Just pass through

This fixed the case where Ledger returns 27/28, but assumed Ledger always returns 27/28.

The gap: Ledger devices may return 0/1 depending on firmware, signing method, or device model. PR #152 didn't normalize these values.

Issue #10850 was closed prematurely in January 2024 with "I expect this was resolved in PR #152" — but PR #152 only fixed one direction of the problem.

References

This is a well-known issue with a standard fix across the ecosystem:

Note

Medium Risk
Touches signature construction/verification in signPersonalMessage and signTypedData, which can affect whether Ledger-signed messages are accepted or rejected. Change is small and well-covered by new tests, but it impacts crypto-critical signing paths.

Overview
Fixes Ledger message signing compatibility by normalizing returned v values: when the device returns 0/1, the keyring now converts them to 27/28 before building the 0x{r}{s}{v} signature in signPersonalMessage and signTypedData.

Updates tests to cover v normalization for 0/1 and to ensure 27/28 are preserved, adjusting expected signature suffixes and validating address recovery behavior.

Written by Cursor Bugbot for commit c4b59ee. This will update automatically on new commits. Configure here.

@cloudonshore cloudonshore requested a review from a team as a code owner January 29, 2026 20:23
@cloudonshore cloudonshore force-pushed the fix/normalize-signature-v-recovery branch from 168bb93 to 8c02ef9 Compare January 29, 2026 20:30
@cloudonshore
fix: normalize signature v value for proper recovery
c4b59ee 
Ledger devices may return v as 0 or 1 (modern format), but signature
recovery functions like `recoverPersonalSignature` and `recoverTypedSignature`
expect v to be 27 or 28 (legacy format per EIP-191/EIP-712).

This caused "The signature doesnt match the right address" errors when
Ledger returned v=0 or v=1, as the hex conversion produced "00"/"01"
instead of "1b"/"1c".

The fix normalizes v before hex conversion in both `signPersonalMessage`
and `signTypedData` methods.
@cloudonshore cloudonshore force-pushed the fix/normalize-signature-v-recovery branch from 8c02ef9 to c4b59ee Compare January 29, 2026 20:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cloudonshore