# Extra ECDSA authentic in header

As the above table shows, some requests need extra authentication in the request header.

Listed as below:

| Request                | EDDSA | ECDSA    | Approved Hash | X-API-SIG in header     |
| ---------------------- | ----- | -------- | ------------- | ----------------------- |
| submitTransfer         | Y     | Optional | Y             | EIP712 signed structure |
| submitOffchainWithdraw | Y     | Optional | Y             | EIP712 signed structure |
| updateAccount          | Y     | Y        | Y             | EIP712 signed structure |

So, If a user wants to do submitTransfer, submitOffchainWithdraw and updateAccount, in addition to the EdDSA signature, you also need to use ECDSA to sign them and put the signature in the request header. Loopring 3.6 uses the EIP712 standard, A user needs to serialize specific fields of a request, say transfer into an EIP712 compatible structure, and then use standard EIP712 hash algorithm to calculate the hash of the structure, and then use personal \_sign, to sign the combined string.

The code for EIP712 signing in python is as follows:

```python
def createOriginTransferMessage(req: dict):
    class Transfer(EIP712Struct):
        pass

    setattr(Transfer, 'from', Address())
    Transfer.to           = Address()
    Transfer.tokenID      = Uint(16)
    Transfer.amount       = Uint(96)
    Transfer.feeTokenID   = Uint(16)
    Transfer.maxFee       = Uint(96)
    Transfer.validUntil   = Uint(32)
    Transfer.storageID    = Uint(32)

    transfer = Transfer(**{
        "from"          : req['payerAddr'],
        "to"            : req['payeeAddr'],
        "tokenID"       : req['token']['tokenId'],
        "amount"        : int(req['token']['volume']),
        "feeTokenID"    : req['maxFee']['tokenId'],
        "maxFee"        : int(req['maxFee']['volume']),
        "validUntil"    : req['validUntil'],
        "storageID"     : req['storageId']
    })

    # print(f"transfer type hash = {bytes.hex(transfer.type_hash())}")
    return EIP712.hash_packed(
        EIP712.exchangeDomain.hash_struct(),
        transfer.hash_struct()
    )

message = createUpdateAccountMessage(transfer_request)
v, r, s = sig_utils.ecsign(message, self.ecdsaKey)
```

The EIP712 structure declarations of each requests types can be found in the Loopring contract, or from our reference code base. Below is the withdrawal request EIP712 structure.

```solidity
    struct Withdrawal
    {
        address owner;
        uint32  accountID;
        uint16  tokenID;
        uint    amount;
        uint16  feeTokenID;
        uint    fee;
        address to;
        bytes32 extraDataHash;
        uint    minGas;
        uint32  validUntil;
        uint32  storageID;
    }
```

So the signing logic is:

```python
def createOffchainWithdrawalMessage(req: dict):
    class Withdrawal(EIP712Struct):
        owner = Address()
        accountID = Uint(32)
        tokenID = Uint(16)
        amount = Uint(96)
        feeTokenID = Uint(16)
        maxFee = Uint(96)
        to = Address()
        extraData = Bytes()
        minGas = Uint()
        validUntil = Uint(32)
        storageID = Uint(32)

    # "Withdrawal(address owner,uint32 accountID,uint16 tokenID,uint96 amount,uint16 feeTokenID,uint96 maxFee,address to,bytes extraData,uint256 minGas,uint32 validUntil,uint32 storageID)"
    withdrawal = Withdrawal(**{
        "owner"         : req['owner'],
        "accountID"     : req['accountId'],
        "tokenID"       : req['token']['tokenId'],
        "amount"        : int(req['token']['volume']),
        "feeTokenID"    : req['maxFee']['tokenId'],
        "maxFee"        : int(req['maxFee']['volume']),
        "to"            : req['to'],
        "extraData"     : bytes.fromhex(req['extraData']),
        "minGas"        : int(req['minGas']),
        "validUntil"    : req['validUntil'],
        "storageID"     : req['storageId'],
    })

    # print(f"extraData hash = {bytes.hex(Web3.keccak(bytes.fromhex(req['extraData'])))}")
    # print(f"withdrawal type hash = {bytes.hex(withdrawal.type_hash())}")
    return EIP712.hash_packed(
        EIP712.exchangeDomain.hash_struct(),
        withdrawal.hash_struct()
    )

message = createUpdateAccountMessage(withdrawal_request)
v, r, s = sig_utils.ecsign(message, self.ecdsaKey)
```

Please **NOTE**: The final string in request header is a 134 bytes hex string which is constructed as  the below code shows:

```python
    v, r, s = sig_utils.ecsign(message, self.ecdsaKey)
    header['X-API-SIG'] = "0x" + bytes.hex(v_r_s_to_signature(v, r, s)) + "02"
```

It starts with '0x' to indicate hex format and ends with '02' which stands for `EIP_712` signature type. Forgetting to add '02' type leads to signature verification failure as the Relay has no hint on the verification method.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs-protocol.loopring.io/resources/request-signing/extra-ecdsa-authentic-in-header.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.