9

Is there a way to use the private key from my Metamask or Mist account to sign a raw transaction?

I cannot use ethereumjs-tx without the private key, but I want to be able to use injected Web3 and not create the keypairs myself.

simonDos
  • 366
  • 1
  • 2
  • 9

2 Answers2

10

In Ethereum, a "raw transaction" is one that has been signed, so you don't sign raw transactions, you sign transactions, and you submit them to the blockchain.

Both Mist and MetaMask inject the web3.js API into the browser context, and allow you to use its methods for querying the blockchain, and submitting transactions for user signing & submitting to the blockchain.

The most basic and common method to submit a transaction using web3 is to use web3.eth.sendTransaction(params, callback).

Using that method, the user will be prompted to approve the transaction, and if they do, it will be signed & submitted to the blockchain, and you will be called back with that transaction's hash. You can then query the blockchain for that transaction's inclusion by polling web3.eth.getTransactionReceipt(hash, callback).

In addition to this, you can sign arbitrary data blobs using web3.eth.sign(fromAddress, data, callback), although it has protections to sign it differently than a transaction, so users aren't tricked into signing transactions using this method.

DanF
  • 2,626
  • 10
  • 19
  • 2
    Okay so the last one might be what im looking for. IIUC, signing data with eth.sign() will enable me to prove my identity to someone, but will not work for creating a raw tx to be later sent to the blockchain, right? – simonDos Jan 19 '17 at 10:25
  • 1
    That's is correct. – DanF Jan 19 '17 at 19:01
  • 1
    For an example of how: https://ethereum.stackexchange.com/questions/2660/how-can-i-verify-a-signature-with-the-web3-javascript-api – DanF Jan 19 '17 at 19:01
  • 1
    Thanks a lot. I used ecrecover from utils to deduce the address of the signee and now i can compare this to the owner address in my contract. Perfect! – simonDos Jan 20 '17 at 13:56
  • I try this, on testnet Metamask does not prompt, why? –  Jan 15 '18 at 23:46
  • If you have a specific question, please open a new question with details about it. – DanF Jan 16 '18 at 20:26
-1

"the user will be prompted to approve the transaction, and if they do, it will be signed & submitted to the blockchain"

So if I do my signing on an offline airgapped machine how is Metamask going to sign the transaction once I "approve" it (I assume by clicking "OK" in some stupid browser dialog - a retardedly low bar for "approval")? How would you download the raw/unsigned TX to take for offline signing?

Dohn Joe
  • 1