From 977b757cdf904ee401ffcc64b0edbad6042267e9 Mon Sep 17 00:00:00 2001
From: Ryan Schneider <ryanleeschneider@gmail.com>
Date: Fri, 16 Aug 2024 07:23:53 -0700
Subject: [PATCH] chore(signature): Double-check signature logic using
 third-party tools. (#152)

---
 adapters/flashbots/signature_test.go | 38 ++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/adapters/flashbots/signature_test.go b/adapters/flashbots/signature_test.go
index c0876bb..b5dbe6d 100644
--- a/adapters/flashbots/signature_test.go
+++ b/adapters/flashbots/signature_test.go
@@ -2,6 +2,7 @@ package flashbots_test
 
 import (
 	"fmt"
+	"strings"
 	"testing"
 
 	"github.com/ethereum/go-ethereum/accounts"
@@ -78,3 +79,40 @@ func TestParseSignature(t *testing.T) {
 		require.ErrorIs(t, err, flashbots.ErrInvalidSignature)
 	})
 }
+
+func TestVerifySignatureFromMetaMask(t *testing.T) {
+	// Source: use the "Sign Message" feature in Etherscan
+	// to sign the keccak256 hash of `Hello`
+	// Published to https://etherscan.io/verifySig/255560
+	messageHash := crypto.Keccak256Hash([]byte("Hello")).Hex()
+	require.Equal(t, `0x06b3dfaec148fb1bb2b066f10ec285e7c9bf402ab32aa78a5d38e34566810cd2`, messageHash)
+	address := `0x4bE0Cd2553356b4ABb8b6a1882325dAbC8d3013D`
+	signatureHash := `0xbf36915334f8fa93894cd54d491c31a89dbf917e9a4402b2779b73d21ecf46e36ff07db2bef6d10e92c99a02c1c5ea700b0b674dfa5d3ce9220822a7ebcc17101b`
+	header := address + ":" + signatureHash
+	signingAddress, err := flashbots.ParseSignature(
+		header,
+		[]byte(`Hello`),
+	)
+	require.NoError(t, err)
+	require.Equal(t, strings.ToLower(address), strings.ToLower(signingAddress))
+}
+
+func TestVerifySignatureCast(t *testing.T) {
+	// Source: use `cast wallet sign` in the `cast` CLI
+	// to sign the keccak256 hash of `Hello`:
+	// `cast wallet sign --interactive $(cast from-utf8 $(cast keccak Hello))`
+	// NOTE: The call to from-utf8 is required as cast wallet sign
+	// interprets inputs with a leading 0x as a byte array, not a string.
+	// Published to https://etherscan.io/verifySig/255562
+	messageHash := crypto.Keccak256Hash([]byte("Hello")).Hex()
+	require.Equal(t, `0x06b3dfaec148fb1bb2b066f10ec285e7c9bf402ab32aa78a5d38e34566810cd2`, messageHash)
+	address := `0x2485Aaa7C5453e04658378358f5E028150Dc7606`
+	signatureHash := `0xff2aa92eb8d8c2ca04f1755a4ddbff4bda6a5c9cefc8b706d5d8a21d3aa6fe7a20d3ec062fb5a4c1656fd2c14a8b33ca378b830d9b6168589bfee658e83745cc1b`
+	header := address + ":" + signatureHash
+	signingAddress, err := flashbots.ParseSignature(
+		header,
+		[]byte(`Hello`),
+	)
+	require.NoError(t, err)
+	require.Equal(t, strings.ToLower(address), strings.ToLower(signingAddress))
+}