wrong signRaw signature for polkadotjs due to u8aWrapBytes that forced adding <Bytes>...<Bytes> to payload before "sign" function

[S0c5]

• Bug report
• Feature request
• Support request
• Other

• What is the current behavior and expected behavior?

As a developer when I want to sign a RAW hex payload, this payload must not be manipulated by adding any additional data like this wrapper, That why it is named signRaw.

Sorry, but WDF, it was a terrible idea to wrap this with tag in the signer, that manipulation must be done on the Dapp side, not on the signer side. the change was introduced by e4ce268

• What is the motivation for changing the behavior?

I'm crafting a raw substrate transaction, and the payload must be RAW and not manipulated given that it can not be verified for the blockchain node.

Solution

To avoid break changes to anyone using that signRaw with bytes, I recommend including an extra type called 'raw' in the SignRawPayload, then if the type is raw no manipulation must be done.

• Version:

• Environment:

  • Node.js
  • Browser
  • Other (limited support for other environments)

• Language:

  • JavaScript
  • TypeScript (include tsc --version)
  • Other

[Tbaut]

This is obviously not a bug,and if you read the description of the pr, you'll see where it comes from #743

I'm not saying it's great, but it is what it is.

[S0c5]

I'd say it's a bug since it introduces an unwanted and undocumented behavior (I searched through the documentation and found no mention of that wrapping bytes feature), and today it doesn't follow the definition for "signRaw". Anyway, 😄 we must fix this, as there are plenty of use cases where we need to sign the payload as it is, more for low-level developers.

If the intention was to prevent evil actors from performing raw signatures, that must be in my opinion a warning in the UI that alerts to the user that a "low-level" operation is being performed.