Unable to use Ed25519Verify with PyTeal and Python Algorand SDK

AlgoSDK
,
1

Hello here! I’m new in Algorand and I stuck with signature verification process inside smart contract.

There is my py-algorand-sdk snippet to send signed data with smart contract method call:

from algosdk.util import sign_bytes
from algosdk.atomic_transaction_composer import (
    AccountTransactionSigner,
    AtomicTransactionComposer
)

msg = f"foo,bar"
signature = sign_bytes(
    to_sign=msg.encode('utf8'),
    private_key=account_private_key
)

account_signer = AccountTransactionSigner(account_private_key)

atc = AtomicTransactionComposer()
atc.add_method_call(
    app_id=app_id,
    method=get_method(contract_abi_interface, method_name),
    sender=account_public_key,
    sp=algod_client.suggested_params(),
    signer=account_signer,
    method_args=[
        msg,
        signature,
    ],
)

resp = atc.execute(algod_client, 2)

There is my PyTeal code for Application:

from pyteal import Ed25519Verify, Global


Ed25519Verify(
    # message
    Txn.application_args[1]
    # signature
    Txn.application_args[2],
    # signer
    Global.creator_address(),
)

I don’t understand, how should I send the data, because I always get logic eval error: invalid signature..

Thank you for any help…

2

Hello,

You can see an example for this here:

Signing

Verifying

One thing that seems to get folks is that the data that is signed includes the hash of the contract that is doing the verification (note for an application this is different from the app address)

3

Thank you for your reply. I tried it and nothing changed… I will try again. Also, I found one method from Python SDK from algosdk.logic import teal_sign_from_program, but it didn’t help me as well…

4

Can you please clarify this? Thank you.

5

When you compile the program, it results in a binary representation of the program && a hash of the program.

For LSigs (in the example i posted) the address of the program is the same as the hash

For Applications, the address is the hash of the app id. A Common mistake is to try to use the address as a parameter for the Ed25519 Verify function, when it should always be the hash of the program.