MetaMask · legobeat · Oct 19, 2023 · Dec 20, 2022 · Dec 20, 2022 · Dec 20, 2022
@@ -1,6 +1,8 @@
 {
   "ignores": [
     "@lavamoat/allow-scripts",
+    "@ledgerhq/types-cryptoassets",
+    "@ledgerhq/types-devices",
     "@metamask/auto-changelog",
     "@types/*",
     "prettier-plugin-packagejson",

@@ -40,21 +40,22 @@
     "@ethereumjs/rlp": "^4.0.0",
     "@ethereumjs/tx": "^4.1.1",
     "@ethereumjs/util": "^8.0.0",
+    "@metamask/eth-sig-util": "^6.0.1",
     "@metamask/utils": "^5.0.0",
-    "eth-sig-util": "^2.0.0",
     "hdkey": "0.8.0"
   },
   "devDependencies": {
     "@ethereumjs/common": "^3.1.1",
     "@lavamoat/allow-scripts": "^2.3.0",
     "@ledgerhq/hw-app-eth": "^6.32.0",
+    "@ledgerhq/types-cryptoassets": "^7.6.0",
+    "@ledgerhq/types-devices": "^6.22.4",
     "@metamask/auto-changelog": "^3.1.0",
     "@metamask/eslint-config": "^11.0.1",
     "@metamask/eslint-config-browser": "^11.0.0",
     "@metamask/eslint-config-jest": "^11.0.0",
     "@metamask/eslint-config-nodejs": "^11.0.0",
     "@metamask/eslint-config-typescript": "^11.0.0",
-    "@types/eth-sig-util": "^2.1.1",
     "@types/ethereumjs-tx": "^1.0.1",
     "@types/hdkey": "^2.0.1",
     "@types/jest": "^28.1.6",
@@ -91,8 +92,8 @@
   "lavamoat": {
     "allowScripts": {
       "@lavamoat/preinstall-always-fail": false,
-      "eth-sig-util>ethereumjs-util>ethereum-cryptography>keccak": false,
-      "eth-sig-util>ethereumjs-util>ethereum-cryptography>secp256k1": false,
+      "@ledgerhq/hw-app-eth>@ledgerhq/domain-service>eip55>keccak": false,
+      "ethereumjs-tx>ethereumjs-util>keccak": false,
       "hdkey>secp256k1": false
     }
   }

@@ -2,14 +2,22 @@ import { Common, Chain, Hardfork } from '@ethereumjs/common';
 import { RLP } from '@ethereumjs/rlp';
 import { TransactionFactory } from '@ethereumjs/tx';
 import * as ethUtil from '@ethereumjs/util';
-import sigUtil from 'eth-sig-util';
+import * as sigUtil from '@metamask/eth-sig-util';
 import EthereumTx from 'ethereumjs-tx';
 import HDKey from 'hdkey';
 
 import { LedgerBridge } from './ledger-bridge';
 import { LedgerIframeBridge } from './ledger-iframe-bridge';
 import { AccountDetails, LedgerKeyring } from './ledger-keyring';
 
+jest.mock('@metamask/eth-sig-util', () => {
+  return {
+    // eslint-disable-next-line @typescript-eslint/naming-convention
+    __esModule: true,
+    ...jest.requireActual('@metamask/eth-sig-util'),
+  };
+});
+
 const fakeAccounts = [
   '0xF30952A1c534CDE7bC471380065726fa8686dfB3',
   '0x44fe3Cf56CaF651C4bD34Ae6dbcffa34e9e3b84B',
@@ -700,7 +708,7 @@ describe('LedgerKeyring', function () {
           },
         ],
       },
-      primaryType: 'Mail',
+      primaryType: 'Mail' as const,
       types: {
         EIP712Domain: [
           { name: 'name', type: 'string' },

@@ -1,9 +1,15 @@
 import { RLP } from '@ethereumjs/rlp';
 import { TransactionFactory, TxData, TypedTransaction } from '@ethereumjs/tx';
 import * as ethUtil from '@ethereumjs/util';
+import type { MessageTypes, TypedMessage } from '@metamask/eth-sig-util';
+import {
+  recoverPersonalSignature,
+  recoverTypedSignature,
+  SignTypedDataVersion,
+  TypedDataUtils,
+} from '@metamask/eth-sig-util';
 // eslint-disable-next-line import/no-nodejs-modules
 import { Buffer } from 'buffer';
-import * as sigUtil from 'eth-sig-util';
 import type OldEthJsTransaction from 'ethereumjs-tx';
 // eslint-disable-next-line import/no-nodejs-modules
 import { EventEmitter } from 'events';
@@ -418,10 +424,9 @@ export class LedgerKeyring extends EventEmitter {
       recoveryId = `0${recoveryId}`;
     }
     const signature = `0x${payload.r}${payload.s}${recoveryId}`;
-    const addressSignedWith = sigUtil.recoverPersonalSignature({
+    const addressSignedWith = recoverPersonalSignature({
       data: message,
-      // eslint-disable-next-line id-denylist
-      sig: signature,
+      signature,
     });
     if (
       ethUtil.toChecksumAddress(addressSignedWith) !==
@@ -453,9 +458,9 @@ export class LedgerKeyring extends EventEmitter {
     return hdPath;
   }
 
-  async signTypedData(
+  async signTypedData<T extends MessageTypes>(
     withAccount: string,
-    data: sigUtil.EIP712TypedData,
+    data: TypedMessage<T>,
     options: { version?: string } = {},
   ) {
     const isV4 = options.version === 'V4';
@@ -466,22 +471,18 @@ export class LedgerKeyring extends EventEmitter {
     }
 
     const { domain, types, primaryType, message } =
-      sigUtil.TypedDataUtils.sanitizeData(data);
-    const domainSeparatorHex = sigUtil.TypedDataUtils.hashStruct(
+      TypedDataUtils.sanitizeData(data);
+    const domainSeparatorHex = TypedDataUtils.hashStruct(
       'EIP712Domain',
       domain,
       types,
-      // @ts-expect-error @types/eth-sig-util documents this function
-      // as taking three arguments, but it actually takes four.
-      // See: https://github.com/MetaMask/eth-sig-util/blob/v2.5.4/index.js#L174
-      isV4,
+      SignTypedDataVersion.V4,
     ).toString('hex');
-    const hashStructMessageHex = sigUtil.TypedDataUtils.hashStruct(
-      primaryType,
+    const hashStructMessageHex = TypedDataUtils.hashStruct(
+      primaryType.toString(),
       message,
       types,
-      // @ts-expect-error see comment above
-      isV4,
+      SignTypedDataVersion.V4,
     ).toString('hex');
 
     const hdPath = await this.unlockAccountByAddress(withAccount);
@@ -508,13 +509,10 @@ export class LedgerKeyring extends EventEmitter {
       recoveryId = `0${recoveryId}`;
     }
     const signature = `0x${payload.r}${payload.s}${recoveryId}`;
-    // @ts-expect-error recoverTypedSignature_v4 is missing from
-    // @types/eth-sig-util.
-    // See: https://github.com/MetaMask/eth-sig-util/blob/v2.5.4/index.js#L464
-    const addressSignedWith = sigUtil.recoverTypedSignature_v4({
+    const addressSignedWith = recoverTypedSignature({
       data,
-      // eslint-disable-next-line id-denylist
-      sig: signature,
+      signature,
+      version: SignTypedDataVersion.V4,
     });
     if (
       ethUtil.toChecksumAddress(addressSignedWith) !==