DApp Tutorial - Wiki Parity Tech Documentation

This is the tenth part of the Dapp Tutorial. We assume you’re familiar with the content of the past chapters.

⟵ 9th Part

Signing Data

We now come to signing messages. This can be useful if you would like to ensure your user agrees to some particular terms over and above an on-chain transaction, not dissimilar to a click-wrap license.

We will augment our voting contract to require a signed message (“I am eligible to vote!”) from the user prior to accepting the vote. To guard the vote function with this requirement, we’ll introduce the only_signed modifier which places the function body into an if statement conditional on an additional three parameters (which together constitute the signature) signing the message on behalf of the sender. We will also publish the message to be signed as a public field allowing us to get at it when we are in the dapp’s JS context.

Here’s the final Solidity code:

contract Counter {
	event Voted(address indexed who, uint indexed option);

	function vote(uint _option, uint8 _v, bytes32 _r, bytes32 _s)
	    only_signed(msg.sender, _v, _r, _s)
		if (hasVoted[msg.sender]) throw;
		hasVoted[msg.sender] = true;
		Voted(msg.sender, _option);

	modifier only_signed(address who, uint8 v, bytes32 r, bytes32 s) { if (ecrecover(STATEMENT_HASH, v, r, s) == who) _; else throw; }

	bytes32 constant public STATEMENT_HASH = sha3(STATEMENT);

	string constant public STATEMENT = "\x19Ethereum Signed Message:\n22I am eligible to vote!";

	mapping (uint => uint) public votes;
	mapping (address => bool) public hasVoted;

As you can see the main difference is that we have a couple of extra public fields (STATEMENT is the important one) and three extra parameters to the vote function.

Here is the compiled init code, the contract code hash and its ABI spec:

const CounterCode = '\
const CounterABI = [
const CounterCodeHash = '0xbd14a8001440940649ecfbd1e064132ebeff4487b8f9c57bea485a90067b1aee';	// TODO

With those three lines in place, we’re ready to introduce the signing logic.

Putting Pen to Paper

With Parity dapps, signing is very similar to creating a transaction or deploying a contract. We can use bonds.sign; it takes two arguments: the message to be signed and, optionally, the identity (address) that should sign it. The latter defaults to the user’s currently selected identity. The function returns a Bond which evaluates to the present status of the signing request, ending either in an object with a key called failed or (on success) an object with a key of signed, whose value is the three elements of the signature concatenated into 65 bytes of data. done works properly for this kind of Bond, which is convenient, as we’ll be relying on it.

Our changes will all take place in the Counter class. We’ll refactor the voting mechanism so the logic is in a new function, vote. Since we’ll be calling this from a handler, it makes sense to bind it to the object during the constructor, much as we did with App’s deploy function. So append this to the constructor function:

this.vote = this.vote.bind(this);

Next we’ll redirect the vote operation into (what will be) our vote function; change the line beginning vote={...} so that it now calls this.vote rather than attempting to vote directly there. Don’t forget we’ll need which option it represents, so pass i as a parameter:

vote={() => this.vote(i)}

Finally, we need to introduce the new voting function:

vote (option) {

Here, we must first have the user sign the required statement and then pass in this signature information if (and only if) the user went through with the signature.

First off, the message:

	let message = this.props.contract.STATEMENT().map(removeSigningPrefix);

This retrieves the STATEMENT field from the contract (the message which must be signed) and shaves off the text which is prepended automatically (and mandatorily) by our client. removeSigningPrefix comes from oo7-parity.js, so ensure you import that extra symbol. message will now be the string “I am eligible to vote!”.

Next, we initiate the signing operation. We call bonds.sign with our message. When done, we should check whether the user actually finished the operation (i.e. the final value is an object containing signed):

	bonds.sign(message).done(s => {
		if (s.signed) {

If the user did approve it to be signed, then we just execute similarly to before, calling vote on the contract. The main difference is that now we will pass the signature in, appending the three elements in the signature array as arguments into vote (i.e. ...s.signed):

			this.setState({tx: this.props.contract.vote(option, ...s.signed)});

And that’s it. If you try now (don’t forget to delete window.localStorage.counter first), you’ll find when you try to vote then the client gives you a statement to sign which you must approve. If you approve it, the operation will continue just as before.


The End?

And that concludes this initial series of Dapp tutorials. Over these ten lessons, you’ve learned how to get started in building a dapp, you’ve got the basics of Bonds, how they integrate with parity and React. You’ve learnt how to inspect aspects of the blockchain and display them. You’ve learnt how to send transactions and track their progress. You’ve learnt how to deploy a contract both manually and programatically. You’ve learnt how to interact with contracts by calling inspector functions, by tracking events and through transactions which mutate their state. And finally you’re learnt how to sign messages.

Now is the time to push forward. You’ll find comprehensive documentation for the Parity Bond interface on the wiki, as well as other resources that can help you improve and get productive.

Good luck!