MX vs TX Bytes Prefix for verifyBytes() vs signTransaction()

[trevormil]

Problem

verifyBytes() checks for the prefix appended with MX, but sign functions such as signTransaction() append TX to the front. This then causes the verifyBytes() function to return false every time when these two functions are used together (which it seems like they should be able to). You should be able to signTransaction using SDK and verifyBytes using SDK and have no errors between the two.

Solution

I am not too familiar with the Algorand specifications and technical details. The MX vs TX may be a technical implementation that I don't know about. If this is the case, I would recommend making the docs explanation a little clearer for verifyBytes() or explain this somehow.

If this is actually an error, I'd recommend making it standard for both including MX or both including TX. It would've saved me a lot of time if this was explained.

Dependencies

No.

Urgency

It is a really easy fix that could help out a lot of developers like me with usability.

[barnjamin]

I agree if its going to be a common use case it should be available in the SDK.

The method verifyBytes is meant for the signing of arbitrary bytes. The prefix MX is a domain separator for any non specified bytestring and can be used with signBytes methods. The full list of domain separators is here https://github.com/algorand/go-algorand/blob/master/protocol/tags.go

Please 👍 this issue to elevate its visibility: algorand-devrel/community#10

Also, fwiw I wrote this up today to share and I'll probably add it to the docs next https://github.com/barnjamin/sdk-extras/blob/master/js/verify.ts

[trevormil]

Appreciate the quick response!

[winder]

The SDKs aren't intended to be general purpose crypto libraries, so there is weird behavior like this. If we decide to change that, we can do it throught he issue @barnjamin linked.