From 916fe112417cae924557646ba9afeb6b517e11b4 Mon Sep 17 00:00:00 2001 From: Jeffrey Wilcke Date: Fri, 1 Apr 2016 00:43:14 +0200 Subject: [PATCH] eth: enforce signing hashes using eth_sign instead of arbitrary data --- eth/api.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/eth/api.go b/eth/api.go index 4a03a0940..80acd6910 100644 --- a/eth/api.go +++ b/eth/api.go @@ -1102,10 +1102,10 @@ func (s *PublicTransactionPoolAPI) SendRawTransaction(encodedTx string) (string, return tx.Hash().Hex(), nil } -// Sign will sign the given data string with the given address. The account corresponding with the address needs to -// be unlocked. -func (s *PublicTransactionPoolAPI) Sign(address common.Address, data string) (string, error) { - signature, error := s.am.Sign(accounts.Account{Address: address}, common.HexToHash(data).Bytes()) +// Sign signs the given hash using the key that matches the address. The key must be unlocked in order to sign the +// hash. +func (s *PublicTransactionPoolAPI) Sign(address common.Address, hash common.Hash) (string, error) { + signature, error := s.am.Sign(accounts.Account{Address: address}, hash[:]) return common.ToHex(signature), error }