
MekaVerse NFT smart contract is using ECDSA, but I don't understand how it works

In the smart contract of MekaVerse I can see these lines that enable whitelisting, but I don't understand the theory behind it and how I can use it.

function mint(uint256[] memory _tokensId, uint256 _timestamp, bytes memory _signature) public payable saleIsOpen {

    uint256 total = totalToken();
    require(_tokensId.length <= 2, "Max limit");
    require(total + _tokensId.length <= MAX_ELEMENTS, "Max limit");
    require(msg.value >= price(_tokensId.length), "Value below price");

    address wallet = _msgSender();

    address signerOwner = signatureWallet(wallet,_tokensId,_timestamp,_signature);
    require(signerOwner == owner(), "Not authorized to mint");

    require(block.timestamp >= _timestamp - 30, "Out of time");

    for(uint8 i = 0; i < _tokensId.length; i++){
        require(rawOwnerOf(_tokensId[i]) == address(0) && _tokensId[i] > 0 && _tokensId[i] <= MAX_ELEMENTS, "Token already minted");
        _mintAnElement(wallet, _tokensId[i]);
    }

}

function signatureWallet(address wallet, uint256[] memory _tokensId, uint256 _timestamp, bytes memory _signature) public view returns (address){

    return ECDSA.recover(keccak256(abi.encode(wallet, _tokensId, _timestamp)), _signature);

}

The interesting part that I don't understand is here:

address signerOwner = signatureWallet(wallet,_tokensId,_timestamp,_signature);
require(signerOwner == owner(), "Not authorized to mint");

And here:

function signatureWallet(address wallet, uint256[] memory _tokensId, uint256 _timestamp, bytes memory _signature) public view returns (address){

return ECDSA.recover(keccak256(abi.encode(wallet, _tokensId, _timestamp)), _signature);

}

Thank you for your help, Ben

The MekaVerse contract uses the OpenZeppelin ECDSA implementation, specifically its recover() function. ECDSA stands for "Elliptic Curve Digital Signature Algorithm" and, basically, it allows signing a message using a private key and checking the validity of the signature without revealing the private key.

The recover() function takes 2 arguments in this case: a bytes32 (array of 32 bytes) hash of the signed message, and a bytes (dynamic-length array of bytes) signature. It then validates whether the hash and signature match according to ECDSA. If they do, it returns the signer address. If the validation fails, it returns the zero address (0x0).

Note that the signature is the result of signing a message using a private key, but it is not the private key itself.

You can learn more about signing messages in the web3 documentation of the sign() function. If you're interested in the ECDSA (or cryptography in general) in more depth, the wiki page shows some basic information and links to other sources.
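Below is an added, runnable illustration of the round trip the answer describes; it is not MekaVerse's or OpenZeppelin's code and not part of the answer above. Someone holding the owner's private key (the assumption here is a backend that issues signatures to whitelisted wallets; the page does not say who signs) computes keccak256(abi.encode(wallet, _tokensId, _timestamp)) and signs that raw 32-byte digest. Note that signatureWallet() hashes the ABI encoding directly, with no EIP-191 "\x19Ethereum Signed Message" prefix, so the signer must sign the bare digest rather than use personal_sign. The user then submits the same inputs plus the signature, and recover() yields the owner's address, which is what the require compares against. Keccak-256, secp256k1 and the ABI encoding are implemented in pure Python so the example runs offline with no packages; the keys and addresses are constructed throwaways, and the nonce derivation is a simplified stand-in for RFC 6979. The two negative cases show why a signature cannot be reused by another wallet or for other token IDs: any change to the encoded inputs changes the digest, recovery produces a different address, and "Not authorized to mint" fires.

```python
# Added example, not MekaVerse/OpenZeppelin code: pure-Python Keccak-256 + secp256k1 for a local sign/recover round trip
_M64 = (1 << 64) - 1
_ROT = [0, 1, 62, 28, 27, 36, 44, 6, 55, 20, 3, 10, 43, 25, 39,
        41, 45, 15, 21, 8, 18, 2, 61, 56, 14]  # rho rotation offsets, lane index x + 5*y
_RC = [0x1, 0x8082, 0x800000000000808A, 0x8000000080008000, 0x808B, 0x80000001,
       0x8000000080008081, 0x8000000000008009, 0x8A, 0x88, 0x80008009, 0x8000000A,
       0x8000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
       0x8000000000008002, 0x8000000000000080, 0x800A, 0x800000008000000A,
       0x8000000080008081, 0x8000000000008080, 0x80000001, 0x8000000080008008]

def _keccak_f(a):
    rot = lambda v, k: ((v << k) | (v >> (64 - k))) & _M64
    for rc in _RC:
        c = [a[x] ^ a[x + 5] ^ a[x + 10] ^ a[x + 15] ^ a[x + 20] for x in range(5)]
        d = [c[(x - 1) % 5] ^ rot(c[(x + 1) % 5], 1) for x in range(5)]
        a = [a[i] ^ d[i % 5] for i in range(25)]                                   # theta
        b = [0] * 25
        for i in range(25):                                                        # rho + pi
            b[i // 5 + 5 * ((2 * (i % 5) + 3 * (i // 5)) % 5)] = rot(a[i], _ROT[i])
        a = [b[i] ^ ((~b[(i + 1) % 5 + 5 * (i // 5)] & _M64) & b[(i + 2) % 5 + 5 * (i // 5)])
             for i in range(25)]                                                   # chi
        a[0] ^= rc                                                                 # iota
    return a

def keccak256(data: bytes) -> bytes:
    msg = bytearray(data) + b"\x01"            # Keccak pad10*1 (0x01 ... 0x80), not SHA3's 0x06
    msg += b"\x00" * (-len(msg) % 136)         # rate for Keccak-256 is 1088 bits = 136 bytes
    msg[-1] |= 0x80
    s = [0] * 25
    for off in range(0, len(msg), 136):
        s = [s[i] ^ int.from_bytes(msg[off + 8 * i:off + 8 * i + 8], "little") for i in range(17)] + s[17:]
        s = _keccak_f(s)
    return b"".join(lane.to_bytes(8, "little") for lane in s[:4])

# secp256k1 in affine coordinates (slow but short); pow(x, -1, m) needs Python 3.8+
_P = 2**256 - 2**32 - 977
_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
_G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
      0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def _add(p, q):                                # point addition; None is the point at infinity
    if p is None or q is None:
        return p or q
    if p[0] == q[0] and (p[1] + q[1]) % _P == 0:
        return None
    lam = (3 * p[0] * p[0] * pow(2 * p[1], -1, _P) if p == q
           else (q[1] - p[1]) * pow(q[0] - p[0], -1, _P)) % _P
    x = (lam * lam - p[0] - q[0]) % _P
    return x, (lam * (p[0] - x) - p[1]) % _P

def _mul(k, p):                                # double-and-add scalar multiplication
    r = None
    while k:
        if k & 1:
            r = _add(r, p)
        p, k = _add(p, p), k >> 1
    return r

address_of = lambda pub: keccak256(pub[0].to_bytes(32, "big") + pub[1].to_bytes(32, "big"))[12:]

def sign_digest(digest: bytes, priv: int) -> bytes:
    # Signs the raw digest (no EIP-191 prefix). Nonce keccak(priv||digest) is a demo stand-in for RFC 6979.
    z = int.from_bytes(digest, "big")
    k = int.from_bytes(keccak256(priv.to_bytes(32, "big") + digest), "big") % _N or 1
    rx, ry = _mul(k, _G)
    r, recid = rx % _N, ry & 1
    s = pow(k, -1, _N) * (z + r * priv) % _N
    if s > _N // 2:                            # low-s form, which OpenZeppelin's recover insists on
        s, recid = _N - s, recid ^ 1
    return r.to_bytes(32, "big") + s.to_bytes(32, "big") + bytes([27 + recid])

def recover(digest: bytes, sig: bytes):        # Python twin of ECDSA.recover: signer address or None
    v = sig[64] if len(sig) == 65 else 0
    r, s = int.from_bytes(sig[:32], "big"), int.from_bytes(sig[32:64], "big")
    if v not in (27, 28) or not 0 < r < _N or not 0 < s <= _N // 2:
        return None
    y = pow((pow(r, 3, _P) + 7) % _P, (_P + 1) // 4, _P)        # lift x = r back onto the curve
    if (y & 1) != v - 27:
        y = _P - y
    z, r_inv = int.from_bytes(digest, "big"), pow(r, -1, _N)
    q = _add(_mul(s * r_inv % _N, (r, y)), _mul(-z * r_inv % _N, _G))   # Q = r^-1 (sR - zG)
    return address_of(q) if q else None

def abi_encode_mint(wallet: bytes, token_ids, timestamp: int) -> bytes:
    w = lambda n: n.to_bytes(32, "big")        # abi.encode(address, uint256[], uint256): head, offset 96, tail
    return (wallet.rjust(32, b"\0") + w(96) + w(timestamp)
            + w(len(token_ids)) + b"".join(w(t) for t in token_ids))

def signature_wallet(wallet, token_ids, timestamp, sig):   # mirrors MekaVerse.signatureWallet
    return recover(keccak256(abi_encode_mint(wallet, token_ids, timestamp)), sig)

OWNER_PRIV = int.from_bytes(keccak256(b"demo owner key"), "big") % _N   # constructed throwaway key
OWNER_ADDR = address_of(_mul(OWNER_PRIV, _G))
USER_ADDR, OTHER_ADDR = keccak256(b"demo user")[12:], keccak256(b"someone else")[12:]

def demo():
    tokens, ts = [1, 2], 1_633_000_000
    sig = sign_digest(keccak256(abi_encode_mint(USER_ADDR, tokens, ts)), OWNER_PRIV)  # signer's side
    return (signature_wallet(USER_ADDR, tokens, ts, sig) == OWNER_ADDR,    # True: require passes
            signature_wallet(OTHER_ADDR, tokens, ts, sig) == OWNER_ADDR,   # False: other wallet
            signature_wallet(USER_ADDR, [1, 3], ts, sig) == OWNER_ADDR)    # False: ids changed

if __name__ == "__main__":
    print(demo())
```

Running the file prints `(True, False, False)`. The affine point arithmetic is deliberately naive and takes a second or two per signature; it is there to make the math visible, not to replace a proper library such as eth_account or ethers.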

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address. Any question please contact: yoyou2525@163.com.
