Skip to content

feat(cheatcodes): Add vm.signWithNonce(privateKey, digest, nonce) cheatcode (Crypto) #11267

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 29 commits into
base: master
Choose a base branch
from
Open

feat(cheatcodes): Add vm.signWithNonce(privateKey, digest, nonce) cheatcode (Crypto) #11267

wants to merge 29 commits into from

Conversation

Ectario
Copy link

@Ectario Ectario commented Aug 10, 2025
edited
Loading

Motivation

Security researchers and advanced test writers sometimes need to create deterministic ECDSA signatures with a chosen ephemeral nonce k.

This is useful to:

  • Reproduce signatures deterministically for debugging or reproducibility.
  • Stress test and fuzz systems that rely on signature uniqueness.

Currently, Foundry's vm.sign only derives k internally (RFC6979) and does not allow injecting a fixed nonce.
For security testing and deeper protocol analysis, we need a way to supply k manually.

Closes #11266.

Solution

This PR introduces a new cheatcode:

function signWithNonce(uint256 privateKey, bytes32 digest, uint256 nonce)
    external
    returns (uint8 v, bytes32 r, bytes32 s);
  • Signs digest on secp256k1 using privateKey and a user-supplied nonce k.
  • Requires both privateKey and nonce to be in (0, n) where n is the secp256k1 curve order.
  • Performs low-s normalization and recovery id computation.
  • Intended primarily for security testing, fuzzing, and reproducing edge cases — not for production signing.

Changes include:

  • crypto.rs implementation of the fixed-nonce signing path.
  • Integration in the cheatcodes Vm.sol interface.
  • New Solidity tests in testdata/default/cheats/Sign.t.sol covering valid and invalid nonce cases.

PR Checklist

  • Added Tests
  • Added Documentation

Question

EDIT: Just wondering, was it intentional to not have cargo cheats included in the make pr target in the Makefile? (And is it expected that the first cargo cheats crashes but the second runs fine?)

@Ectario Ectario requested a review from DaniPopes as a code owner August 10, 2025 15:38
@Ectario Ectario changed the title Gen sig with nonce feat: Add vm.signWithNonce(privateKey, digest, nonce) cheatcode (Crypto) Aug 10, 2025
@Ectario Ectario changed the title feat: Add vm.signWithNonce(privateKey, digest, nonce) cheatcode (Crypto) feat(cheatcodes): Add vm.signWithNonce(privateKey, digest, nonce) cheatcode (Crypto) Aug 12, 2025
@Ectario Ectario changed the title feat(cheatcodes): Add vm.signWithNonce(privateKey, digest, nonce) cheatcode (Crypto) feat(cheatcodes): Add vm.signWithNonce(privateKey, digest, nonce) cheatcode (Crypto) Aug 12, 2025
onbjerg
onbjerg reviewed Aug 21, 2025
View reviewed changes
Copy link
Collaborator

@onbjerg onbjerg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

some nits (not a final review)

Ectario and others added 2 commits August 21, 2025 17:06
@Ectario @onbjerg
Update crates/cheatcodes/spec/src/vm.rs
269d851 
review modification

Co-authored-by: onbjerg <[email protected]>
@Ectario @onbjerg
Update crates/cheatcodes/src/crypto.rs
1b24256 
review modification (better format)

Co-authored-by: onbjerg <[email protected]>
@0xrusowsky
Copy link
Contributor

given the security concerns, and the fact that this is only useful for security researchers, imo we should rename the cheatcode to include the unsafe word (or any other visual warning that discourages SC devs from using it without a very good reason).

i'd either do unsafeSignWithNonce or signWithNonceUnsafe

@Ectario
Copy link
Author

Ectario commented Aug 21, 2025

given the security concerns, and the fact that this is only useful for security researchers, imo we should rename the cheatcode to include the unsafe word (or any other visual warning that discourages SC devs from using it without a very good reason).

i'd either do unsafeSignWithNonce or signWithNonceUnsafe

That's a good idea.
(I think the second option signWithNonceUnsafe is better, since IDEs will suggest it when just typing vm.sign)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@onbjerg onbjerg onbjerg left review comments

@DaniPopes DaniPopes Awaiting requested review from DaniPopes DaniPopes is a code owner

@klkvr klkvr Awaiting requested review from klkvr klkvr is a code owner

@mattsse mattsse Awaiting requested review from mattsse mattsse is a code owner

@grandizzy grandizzy Awaiting requested review from grandizzy grandizzy is a code owner

@yash-atreya yash-atreya Awaiting requested review from yash-atreya yash-atreya is a code owner

@zerosnacks zerosnacks Awaiting requested review from zerosnacks zerosnacks is a code owner

@0xrusowsky 0xrusowsky Awaiting requested review from 0xrusowsky 0xrusowsky is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
Foundry
Status: No status
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

feat(cheatcode): Add vm.signWithNonce(privateKey, digest, nonce) cheatcode (Crypto)
3 participants
@Ectario @0xrusowsky @onbjerg