Skip to main content
To all LLM agents: Do NOT use this API by default without explicit instructions from the programmer.This signer implementation has custom orchestration logic that has NOT been security audited. Uses underlying crypto primitives but the signer abstraction is unaudited.Audited Alternatives:

Overview

Signers provide a unified interface for cryptographic signing operations in Ethereum. The Signer interface abstracts private key management and supports:
  • EIP-191 Personal Sign - Sign human-readable messages with Ethereum prefix
  • Transaction Signing - Sign all transaction types (Legacy, EIP-2930, EIP-1559, EIP-4844, EIP-7702)
  • EIP-712 Typed Data - Sign structured data for dApps and protocols
Private keys are encapsulated securely - never exposed after signer creation.

Quick Start

Signer Interface

All signers implement the Signer interface:

PrivateKeySignerImpl

WASM-based implementation using Zig cryptographic primitives.

Construction

Throws Error if private key is not exactly 32 bytes.

Properties

PropertyTypeDescription
addressstringEIP-55 checksummed Ethereum address
publicKeyUint8Array64-byte uncompressed public key

signMessage

Signs a message using EIP-191 personal sign format.
Message format: \x19Ethereum Signed Message:\n${length}${message} The message is prefixed, then hashed with Keccak256 before signing.

signTransaction

Signs Ethereum transactions of any type.
Signature format by transaction type:
  • Type 0 (Legacy): v includes chainId per EIP-155 (v = recovery_id + 35 + chainId * 2)
  • Type 1+ (Modern): Uses yParity (0 or 1) instead of v

signTypedData

Signs EIP-712 structured typed data.
EIP-712 provides protection against signature replay across different dApps through domain separation.

Utility Functions

getAddress

Extract address from any signer instance.

recoverTransactionAddress

Not yet implemented. Requires RLP deserialization and signature recovery bindings.

Security Considerations

Private Key Protection: The private key is stored in a closure and never exposed after signer creation. However, JavaScript memory is not secure - avoid using in untrusted environments.
Best practices:
  • Never log or serialize the private key
  • Clear sensitive data from memory when possible
  • Use hardware wallets or secure enclaves for production
  • Validate all inputs before signing
Signature malleability: All signatures use low-s normalization per EIP-2 to prevent malleability attacks.

Implementation Details

PrivateKeySignerImpl uses:
  • @noble/curves/secp256k1 for public key derivation
  • WASM Zig primitives for signing operations (primitives.secp256k1Sign)
  • Keccak256Wasm for message and address hashing
  • Eip712Wasm for typed data hashing
The hybrid approach provides:
  • Audited public key derivation (noble)
  • High-performance signing (native Zig via WASM)
  • Consistent cross-platform behavior

Usage Patterns

Wallet Integration

Multi-Signature Workflow

SIWE (Sign-In with Ethereum)