Low level signing method roadmap

eth_raw_sign.md

• low-level signing method
  • Things that need to be done
    • Consider this kind of raw signing from security. Ask [[Christian Lundkvist]]
    • Consider drafting an EIP for this, so it can get broader security consideration.
  • Code that would need to be changed
    • eth-json-rpc-middleware is a nice-to-change, although we could make a middleware just for this method.
    • It looks like eth-simple-keyring already signs arbitrary data, so the validation is not done at this level.
    • eth-keyring-controller also just passes through to the keyring, no validation.
    • MetaMask Controller
      • add a new message manager
        • This part is unfortunate because we're really due to DRY up the "message managers" here, we're probably refactoring this code soon. For now you would basically copy the messageManager, probably duplicate that whole controller.
      • add test for new message manager
      • export signing methods to UI
      • expose signing methods from message manager
      • add message manager to UI state
    • UI changes
      • This part of the UI was recently refactored so I'd have to do more work to revisit/figure out what's different here now.
      • You'd be cloning all the eth_sign code, basically.

Update:

Here is the first Bitcoin tx signed by metamask: https://blockstream.info/testnet/tx/44283c6120c08777ca0e9ce84ceb7b889209be47f6e2b7df112249aad7c88efb