Offline Signing

Offline Signature¶

Offline Signature refers to the process where a user signs specific data using their private key without directly broadcasting a transaction to the blockchain. This signature can subsequently be verified by anyone (or other contracts) on-chain.

Problem It Solves¶

Traditional Ethereum interactions require the user to initiate a transaction and pay Gas for every operation (such as token approvals or voting). This leads to the following issues: * Poor User Experience: Users need to wait for transaction confirmations. * High Cost: Even simple intent expressions (like voting) require paying Gas. * No Gas Sponsorship: The account initiating the transaction must hold ETH.

Offline signing technology solves these problems by allowing users to sign data (intents) off-chain, which is then submitted on-chain by someone else (a Relayer). This enables "Meta-Transactions" and "Gasless Transactions."

Implementation Mechanisms and Principles¶

The main offline signing standards in Ethereum include:

1. EIP-191 (Signed Data Standard):

   • Defines the basic format for signatures: 0x19 <1 byte version> <version specific data> <data to sign>.
   • The most commonly used is personal_sign (version 0x45), which prefixes the message with \x19Ethereum Signed Message:\n<length>. This is done to prevent signatures from being misused as legitimate Ethereum transactions (Ethereum transactions are RLP-encoded and do not start with 0x19).

2. EIP-712 (Typed Structured Data Hashing and Signing):

   • Problem: EIP-191 signatures typically sign an obscure hash value, and users cannot see or understand what they are signing in their wallet, creating blind signing risks.
   • Solution: EIP-712 defines a hashing standard for structured data (similar to JSON objects). Wallets can parse this structure and clearly display the specific data fields on the interface (e.g., To: Alice, Amount: 100), letting users know exactly what they are signing.
   • Domain Separator: EIP-712 introduces a domain separator (containing contract address, ChainID, etc.) to prevent signatures from being replayed across different DApps or chains.

Key Features¶

• Gas Optimization: The signature itself does not go on-chain and consumes no Gas.
• User Experience: This "sign as intent" pattern makes interactions smoother.
• Security: EIP-712 significantly improves signature readability and security.
• Meta-Transactions: Allows third parties (Relayers) to submit transactions and pay Gas on behalf of users; users only need to provide their signature.

Common Use Cases¶

• Permit (ERC-2612): Allows users to authorize token transfer allowances through a signature, without needing to send an approve transaction first.
• DEX Order Placement: For example, on OpenSea or Uniswap X, users sign orders, and on-chain settlement only occurs when matched.
• Off-Chain Voting: Such as Snapshot, where users sign votes and results are stored on IPFS.
• Login Authentication: Using Sign-In with Ethereum (SIWE) for identity verification.

Recommended Reading¶

• EIP-712: Typed structured data hashing and signing
• EIP-2612: Permit Extension for ERC20

Related Concepts¶

• ECDSA: Elliptic Curve Digital Signature Algorithm, the signing algorithm used by Ethereum.
• ecrecover: A Solidity built-in function for recovering the signer's address from a signature.
• Replay Attack: Prevented through Domain Separator and Nonce mechanisms.