Adds message signing to wallet

[adrian-fjellberg]

Adds the ability to sign arbitrary messages using wallet accounts. The user can specify the elliptic curve to use for signing (secp256r1 or secp256k1). It generates a payload using salt and the provided message, then signs the payload with each available wallet account, displaying the address, public key, salt and signature.

Description

This PR introduces a new sign_message command to the Neo CLI, enabling message signing outside of transactions.
Previously, the CLI only supported signing serialized transaction data, which made it impossible to produce verifiable message signatures for use in external applications, authentication workflows, or dApp integrations.

With this change, users can now easily sign and verify arbitrary messages directly from their local wallet.

Change Log

• Added the "sign_message" command to the Neo CLI.
• Changed Neo.CLI.MainService to implement the "sign_message" command.
• Added optional curve parameter (supports secp256r1 and secp256k1)
• Implemented payload creation using salt + message for improved uniqueness

Fixes #4285

Type of change

• Optimization (the change is only an optimization)
• Style (the change is only a code style for better maintenance or standard purpose)
• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How Has This Been Tested?

• Unit Testing
• Run Application: manually tested sign_message on local CLI with both curves
• Local Computer Tests
• No Testing

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published in downstream modules

[Wi1l-B0t]

Suggested change

	[ConsoleCommand("sign_message", Category = "Wallet Commands")]
	[ConsoleCommand("sign message", Category = "Wallet Commands")]

[adrian-fjellberg]

I treid this approach, but it seems like it then ran "sign" and "sign message" commands at the same time. And outputted errors.

I feel the naming of "sign_message" is not good, but it works.

I also considered renaming "sign" to "sign transaction" (or somthing of that nature), but I was afraid that could be considered a braking change.

Any suggestions for a better command name that would not be a breaking change?

[erikzhang]

We need to solve this issue before merging the code.

[adrian-fjellberg]

What if we call it "signmsg"?

Or do you want to fix the issue that both commands are run @erikzhang?

[erikzhang]

I prefer to fix it first.

[Jim8y]

we dont really support secp256k1, the key you get is still p-256 pubkey.

[adrian-fjellberg]

Ok. I think I saw in the code for Crypto.Sign that both were supported so that is why I added it.

Do you want me tor remove the option to select curve and only use secp256r1?

[erikzhang]

We need a structured format that specifies the address, public key, and algorithm for signing. This also facilitates verification.

[adrian-fjellberg]

Some questions:

1. Should we require the user specifiy either the public key or address for signing?

2. If yes to question 1: If there is only one address in the open wallet, could we default to using this one? I think this will make signing more user friendly.

3. For specifing the algorithim, do you mean the curve or padding, salt, etc.? Or both?

4. Can we provide defaults for each option so that the command become user friendly?

[erikzhang]

I mean we need to define an output format including address, public key, and algorithm of the signature.

[Jim8y]

what is the meaning of this script, some standard?

[shargon]

Yes, could you clarify it @adrian-fjellberg

[adrian-fjellberg]

It is to ensure that the message is not also a valid NEO transaction. I do not think it is a defined standard but it is the way both NEON wallet and NeoLine signs messages.

Do you want me to add comments to the code to clearify?

[Jim8y]

I see, its just some prefix.

[adrian-fjellberg]

I can add comments to the code.

[adrian-fjellberg]

I also started on documenting the command line feature:
https://github.com/adrian-fjellberg/neo-dev-portal/blob/feature/sign-message-cli-docs/docs/n3/node/cli/cli.md#sign_message