Should we use have a EIP191 like arbitrary bytes signatures

[jennijuju]

Discussed in #12761

^{Originally posted by hugomrdias December 5, 2024}
This is a follow up to this issue on the filecoin ledger repo.

The embedded Filecoin Ledger app has this signRawBytes method but its not really just raw signature like lotus wallet sign it's more like EIP191:

sign(blake2b256(CID(blake2b256("Filecoin Sign Bytes:\n" + len(message) + message)))))
Please ignore the extra CID in there for the purpose of this discussion 😄🙏🏼

This situation started the conversation about eips.ethereum.org/EIPS/eip-191 and if we should expose the raw signature method or just a safer EIP191 like signature.

EIP191 looks like:
\x19Ethereum Signed Message:\n "0x19 <0x45 (E)> <thereum Signed Message:\n" + len(message)> "

For Filecoin it may look like:
\x19Filecoin Signed Message:\n "0x19 <0x46 (F)> <ilecoin Signed Message:\n" + len(message)> "
Although theses prefix are Ethereum focused and specific to RLP and may not have the same effect to CBOR messages.

The last point is about FEVM which should probably follow strict EIP191 and not a "Filecoin EIP-191"

So to be discussed:

• Should we deprecate raw unsafe bytes signatures not only in Lotus but filsnap, ledger and others?
• Should we have a "Filecoin EIP-191" with a more filecoin specific scheme? or just the simpler swap "Ethereum" with "Filecoin" above?
• Should we follow strict EIP-191 in FEVM contexts ?

Changing the filecoin ledger app is a complex process and we need at least some buy in from people on this to move on with changes.

/cc @eshon @ribasushi @Stebalien @raulk @rvagg @magik6k