Update Log
- 2025-03-21: initial draft Add ERC: Key Verifiers by Amxx · Pull Request #986 · ethereum/ERCs · GitHub
Hi @amxx glad to see this ERC which generalize the signature verifications.
A signer is a
bytes
object that is the concatenation of an address and optionally a key:verifier || key
. A signer is at least 20 bytes long.
Question, was it intentional that byte packing rules was left out in verifier || key
as out of scope in this ERC?
There have been internal discussion with the other authors has to was is in scope and what is not.
IMO the encoding (verifier || key
) and the verification process that is documented in the “Reference Implementation” section should be standard. It was decided otherwise so that this ERC is not depending on 1271. Currently, only the verifier interface is in scope.
Do you think signer encoding should be more formally standardized?
IMHO in scope or out of scope, it’s fine either way. Just need to clarify in spec. So if you choose to leave it out of scope, please consider mentioning in Spec section too.
Since its publication, we’ve been working on ERC-7913 developments that enabled very expressive and standard use cases for smart accounts.
Account Signers
Account Modules (ERC-7579)
Utilities
Verifiers
Hi all!
I’ve been thinking about ERC-7913 in the context of frontend UIs and wallets. So far the ERC enables arbitrary signature verification so the UI doesn’t really need to know the signature algorithm as long as the user provides it with a valid one. However, there’s no standard way to request ERC-7913 signatures.
As opposed to EOAs that use regular wallets (e.g. Metamask) or smart contracts that may have their own UI, a frontend would need to know information about the verifier so it can ask the user for the signature. For example, if a verifier is a Groth16Verifier for ZKEmail proofs, then the frontend must be able to show a dialog waiting for an email to be sent and proved.
I was thinking the ERC could benefit from something like suggesting the following getters:
interface IERC7913SignatureVerifier {
// Existing
function verify(bytes calldata key, bytes32 hash, bytes calldata signature) external view returns (bytes4);
// OPTIONAL/RECOMMENDED
function algorithm() external view returns (string memory);
function version() external view returns (string memory);
}
Thoughts?
Overall, I see two types of entities to interract with ERC-7913 verifiers:
The first one knows what verifier to use. I don’t see them needing to do “feature discovery”. The second one doesn’t need to know how the signature is verified, so they also don’t need to do “feature discovery”.
To address you question about “there’s no standard way to request ERC-7913 signatures”. I don’t think there needs to be.
Right now, app application just “requests a signature”, and the wallet will provide a signature. That signature would be ECDSA. It could also be a ERC-1271 signature, which the wallet can build however it wants. In the case of multisig wallets, that “building the signature” may include multiple signer getting notifications, doing individual signatures, and the wallet gattering that into one big multisignature.
IMO wallets/signers that use 7913 would do just the same, in the sens that the app would request a signature for a given identity they support.
IMO, If there is something to standardise here its the “asking the signer what its identity is, getting a ERC-7913 identity back (>20bytes), and supporting that”. That would be a Wallet/Signer interface ERC.
As I mentioneed, I see ERC-7913 as an “extension” of ERC-1271. In both cases I believe its (only) about signature verification and not about signature generation. In the case of ERC-1271, there isn’t any function similar to the algorithm
or version
that you propose, and as we saw, this is just fine. Wallets know what account they are signing for, and generate the signature accordingly. IMO the same applied to ERC-7913.
That doesn’t mean that if someone wants to add algorithm()
or version()
they shouldn’t do it. But I don’t think we need to standardize these function in ERC-7913. I also believe these function would create more questions:
algorithm()
/version()
database to interpret what these functions return… so at that point its just as easy to have an verifier address
database.