Ledger Enterprise
Help Center
Help Center
  • Welcome to the Help Center
  • Fundamentals
    • Getting set up
      • Sign in and out
      • For Administrators
      • For Operators
  • Supported Networks
  • What's new
  • CORE
    • Workspace administration
      • Admin Rule
        • Edit the admin rule
      • Accounts
        • Create an account
        • Solana SPL token account
        • Direct Access EVM Accounts
        • Edit an account
        • Activate a view-only account
        • Generate a receiving address
      • Groups
        • Create a group
        • Edit a group
        • Delete a group
      • Whitelists
        • Create a whitelist
        • Edit a whitelist
      • Entities
        • Create an entity
        • Edit an entity
        • Delete an entity
    • Users
      • User Roles and Permissions
      • New users
      • Register on the Ledger Vault
    • Your Device
      • Initialize your Personal Security Device (PSD)
      • Update your Personal Security Device (PSD)
      • Configure the Ledger Cryptosteel
      • Device pairing: View your partition ID
    • Managing requests
      • Approve or reject a request
      • Track the status of a request
      • Recreate a rejected or failed request
    • Transactions
      • Create a transaction
      • Transaction fees & speed
      • UTXOs
      • Replace by Fee
      • Export transaction history
      • Vault Raw Signing Overview
    • Compliance capabilities
      • Proof of Reserve - Enable Message Signing on an account
      • Proof of Researve - Sign Messages
      • Address Screening and KYT
    • Using Vault Signer
      • Create a Vault Signer account
      • Connect your Signer account to the Ledger Live extension
      • Craft a transaction on Ledger Live with your Vault Signer account
    • Overview of the Ledger Enterprise API
    • Public Key Infrastructure (PKI) Implementation
    • Ledger Enterprise mobile application
      • Terms of Use
  • staking
    • Stake Cardano
      • Overview
      • Enable ADA Staking
      • Stake ADA with Figment
      • Reporting
    • Stake Cosmos
      • Overview
      • Enable ATOM Staking on your Ledger Cosmos Enterprise accounts
      • How to stake ATOM
    • Stake Ethereum
      • Overview
      • Enable ETH Staking on your Ethereum accounts
      • Stake ETH with Kiln
      • Stake ETH with Figment
      • Stake ETH with Blockdaemon
    • Stake Solana
      • Overview
      • Enable SOL Staking on your Solana accounts
      • Stake SOL with Figment
      • Solana Staking Reporting
    • Stake Polkadot
      • Overview
      • Enable DOT Staking
      • Stake DOT with Figment
    • Stake Polygon
      • Overview
      • Enable MATIC Staking
      • Stake MATIC with Figment
      • Stake MATIC with Kiln
    • Stake Tezos
      • Overview
    • Staking Providers
      • Stake with kiln
      • Stake with Figment
      • Stake with Blockdaemon
  • Web3: DeFi & NFT
    • Web3: DeFi & NFT Interactions
      • Web3 governance & configuration
        • Enable Smart Contract Interactions on EVM accounts
        • Enable Message Signatures on EVM accounts
        • Enable Contract Deployments on EVM accounts
        • Customize DApps catalog on EVM accounts
      • Vault DApps
        • DApp Provider Guide
        • Lido
        • Paraswap
        • Yearn
      • Interact with an external DApp via WalletConnect
      • Deploy a Smart Contract
      • Sign DApp messages
      • Interact with a smart contract
    • Raw Signing Best Practices
  • TRADELINK
    • Introduction
    • Best Practices
    • Run Tradelink as an Administrator
    • Operate Tradelink as a Custodian
    • Operate Tradelink as an Asset Manager
    • Operate Tradelink as an Exchange
    • Ledger Tradelink Terms of Use
  • Support
    • Troubleshooting
    • Security best practices
      • Ledger Stax Best Practices
    • Recovering your Vault Master Seed
    • Recover your Ledger Vault's master seed on a Nano S Plus
Powered by GitBook
On this page
  • Overview
  • Instructions
  1. CORE
  2. Compliance capabilities

Proof of Researve - Sign Messages

This section is for Operators only.

Overview

Signing messages serves a crucial purpose in the web3 ecosystem. It allows users to confirm their identity, authenticate transactions, and on smart-contract enables networks such as EVMs, interact with smart contracts without the need to share their private keys.

Ledger Enteprise supports the signature of messages in

  • the EIP-191 and EIP-712 formats on EVM networks ;

  • the EIP-191 format on all other networks .

Whenever signing a message, Operators will be able to review their content on the Trusted Display of their Personal Security Devices.

The signature of messages with Ledger Enterprise accounts opens up multiple opportunities in the web3 ecosystem.

Note that signing a Message is a fully off-chain operation that does not let you send funds. However, it is crucial that the format of these signed messages cannot be interpreted as Transactions (and risk losing funds). Therefore, Ledger Enterprise formats all messages in an EIP-191 fashion so that they cannot be broadcasted as Transactions on a network.

Instructions

Pre-requisites

  • In order to initiate or approve a Message Signature request on an account, you need to be an authorized Operator on that account, i.e. be part of the Message Signature rule of that account.

  • If this is not the case, please contact your Administrator, so that they can add you to the Message Signing rule .

Step 1: Create the Message Signature request

  1. Sign in yo your workspace, and click on the New transaction button in your sidebar. Select Sign message.

  1. Select the account that you wish to use to sign your message, and input the desired message in the dedicated space.

  2. ( Optional ) Click on Next and add a Title and Comments to easily identify and report your Message Signature requests during your reporting workflows.

  3. Review the summary of the Message Signature request. Click Review on PSD to examine the message on the Trusted Display of your Personal Security Device . Tap the arrows to expand the different sections of the message.

  4. The message signature request is created and will undergo the message signature governance checks which admins have defined for the account.

    1. If the message signature governance rule requires further operator approvals, see Step 2

    2. If the message signature governance rule does not require further operator approvals, see Step 3

You should only trust the message displayed on your PSD. Ensure that the message is accurate and corresponds to your intention before approving its signature. Reject the message signature and contact the Ledger Enterprise support if you notice discrepancies.

Step 2: Review and approve a Message Signature request

When a Message Signature request requires your approval, it will appear in the Request panel.

  1. Click on the Message Signature request to examine its content.

  2. Click Review on PSD to check the message on the Trusted Display of your Personal Security Device.

Step 3: Sign the Message

Once the Message Signature requests has passed all the required governance checks, it will be signed by the Hardware Security Module. The signed message is then available in your Operations table, in the Message tab.

Step 4: Reporting - Monitor and audit the Message Signature request

You can monitor and audit your entire history of messages signed.

Ledger Enterprise records the message that was signed, its signature hash, as well as the message singing governance rule's audit logs.

To encode and sign the message while preventing it from being interpreted as a Transaction across networks, Ledger Enterprise leverages a specific format (see below).

Message encoding format: keccak256("\0x00<currency_name> Signed Message:\n" + len(message) + message). For instance, a BTC signed message would be encoded following: keccak256("\0x00Bitcoin Signed Message:\n" + len(message) + message).

PreviousProof of Reserve - Enable Message Signing on an accountNextAddress Screening and KYT

Last updated 28 days ago