ECDSA.tryRecover returned signer is not the same as the _signTypedData signer

[IanDorion]

Ethers Version

5.6.8

Search Terms

signTypedData, verifyTypedData, ECDSA.tryRecover

Describe the Problem

I am able to validate the signature with ethers verifyTypedData.

In the contract, I'm unable to retrieve the correct signer using ECDSA.tryRecover.

Also not sure if i'm suppose to include the domain or not based on previous issues I think it's now "ok" to leave it.

Code Snippet

let spender = tester.address
         let tokenId = 1                          
         let nonce = await item.nonces(tokenId)   
         let deadline = 1659095005                

  const typedData = {
      types: {
        Permit: [
          { name: "spender", type: "address" },
          { name: "tokenId", type: "uint256" },
          { name: "nonce", type: "uint256" },
          { name: "deadline", type: "uint256" },
        ],
      },
      primaryType: "Permit",
      domain: {
        name: await item.name(),
        version: "1",
        chainId: 31337,
        verifyingContract: item.address,
      },
      message: {
        spender,
        tokenId,
        nonce,
        deadline,
      },
    };


 const signature = await signer._signTypedData(
    typedData.domain,
    { Permit: typedData.types.Permit },
    typedData.message
  );

    let recovered = ethers.utils.verifyTypedData(
       typedData.domain, 
       typedData.types, 
       typedData.message, 
       signature
    )

// In the contract

// using 
import "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";

// solhint-disable-next-line var-name-mixedcase
  bytes32 private immutable _PERMIT_TYPEHASH =
    keccak256(
      "Permit(address spender,uint256 tokenId,uint256 nonce,uint256 deadline)"
    );

 function _permit(
    address spender,
    uint256 tokenId,
    uint256 deadline,
    bytes memory signature
  ) internal virtual {
    // solhint-disable-next-line not-rely-on-time
    require(block.timestamp <= deadline, "ERC721Permit: expired deadline");
     
    bytes32 structHash = keccak256(
      abi.encode(
        _PERMIT_TYPEHASH,
        spender,
        tokenId,
        _nonces[tokenId].current(),
        deadline
      )
    );
    bytes32 msghash = _hashTypedDataV4(structHash);           // could it be the hash?

    console.log("permit spender", spender);                   // valid
    console.log("permit tokenId", tokenId);                   // valid
    console.log("permit nonce", _nonces[tokenId].current());  // valid
       
    (address signer, ) = ECDSA.tryRecover(msghash, signature);// invalid signer
    console.log("permit signer", signer);

Contract ABI

No response

Errors

No response

Environment

Hardhat

Environment (Other)

No response

[ricmoo]

I haven't used EIP-712 much, but this has come up many times before and it is always an issue with constructing the payload to verify against. EIP-712 is very complex, so hopefully someone out there can help figure out the issue. If anyone has a good online example/tutorial, it would also be appreciated.

I also do not believe you should be able to omit the domain, as that would defeat its purpose and be a security issue. If anyone knows better though, please let me know.

[npasquie]

Struggling with a similar issue but I can definitely affirm the domain is absolutely mandatory

[MehmeDBDuran]

I had a similar issue. Later I realized the verifyingContract was unindefitied. I don't remember why but changing verifyingContract: item.address, to verifyingContract: item.target, fixed it (Under the domain).