2

I'm trying to offline sign a Tron transaction in Ruby.

TronGrid has an endpoint to sign transactions, but they require to send them the account private key in order to do it, which feels a potential risk, so I'd like to sign the transaction locally in order to avoid having the private key value leaving the server.

In the specific I'm trying to convert this Javascript method in Ruby: https://github.com/tronprotocol/tronweb/blob/master/src/utils/crypto.js#L218

I've been trying using both OpenSSL and a gem to do this without much success.

This is what I've got so far:

  bn = OpenSSL::BN.new(hex_private_key, 16)
  ec = OpenSSL::PKey::EC.new('secp256k1')
  ec.private_key = bn
  ec.dsa_sign_asn1(transaction_id).unpack1('H*')

and

  bn = OpenSSL::BN.new(hex_private_key, 16)
  private_key = EC::PrivateKey.new(bn.to_i)
  signature = private_key.sign(transaction_id)

The latter gives me the r and s that is then used in the javascript function (even though they wouldn't match what I'd get in JS), and I'm not sure where I could get that recoveryParam.

And the former doesn't return me the signature I was expecting.

I'm kinda lost on how to find out a way to sign those transactions.

Eric121
  • 21
  • 3

1 Answers1

0

Did you find out how to do it? In the example takes raw_data_hex:

  private static byte[] signTransaction2Byte(byte[] transaction, byte[] privateKey)
      throws InvalidProtocolBufferException {
    ECKey ecKey = ECKey.fromPrivate(privateKey);
    Transaction transaction1 = Transaction.parseFrom(transaction);
    byte[] rawdata = transaction1.getRawData().toByteArray();
    byte[] hash = Sha256Sm3Hash.hash(rawdata);
    byte[] sign = ecKey.sign(hash).toByteArray();
    return transaction1.toBuilder().addSignature(ByteString.copyFrom(sign)).build().toByteArray();
  }`

`Sha256Sm3Hash.hash` returns `sha256` or `sm3` depends on private key.
Eugene Stepanov
  • 16
  • 1