[TEP-104] Enhancing Security in Non-Transaction Data Signing within the TON Ecosystem


This document introduces a protocol designed to ensure safe and verifiable signing of non-transaction data using wallet keys within the TON (The Open Network) ecosystem. The protocol, identified as Data Signatures, proposes a method for wallets to sign arbitrary data, distinguishing these signatures from transactional signatures to mitigate misuse and replay attacks.


In the TON ecosystem, wallets serve dual functions: managing assets and acting as universal identifiers across applications. While the primary use case involves signing transactions for coin transfers or smart contract interactions, there exists a need for wallets to authenticate non-transactional data for off-chain and on-chain applications without compromising security.

Proposal Summary

  • TEP: 0
  • Status: Draft
  • Type: Core
  • Authors: Oleg Andreev, Sergey Andreev, Denis Subbotin
  • Creation Date: 13.12.2022
  • Replaces: TEP-0


To enable the TON wallets to sign arbitrary non-transaction data securely, ensuring the signatures are distinctly separable from transaction signatures to prevent misuse.


The proposal details a signature scheme for arbitrary data, incorporating a unique composition of schema identifier, timestamp, and payload hash to create domain-separated signatures.

Implementation Details

Component Specification
Signing Data 352-bit message combining schema CRC, timestamp, and payload hash
Verification Enforcing domain separation through schema CRC, payload content, and timestamp
Payload Arbitrary data structured per TL-B definition
Security Domain separation ensured by unique schema versions and timestamp binding

Schema Versions

  1. Short plain text message: For signing UTF-8 text, utilizing the plaintext schema.
  2. Application binding: Allows signing data specifically for target applications, identified by TON.DNS names or contract addresses.

Security Considerations

The proposal outlines measures for binding signatures to specific applications and timeframes to mitigate replay attacks and ensure domain separation.

Comparison with Existing Solutions

Feature Data Signatures Proposal Ethereum EIP-1271
Domain Separation Schema CRC and timestamp Signature validation method
Payload Flexibility Arbitrary data via TL-B Pre-defined formats
Signature Replay Safety Timestamp binding Not specified
Application Binding TON.DNS and contract addresses Not applicable


The Data Signatures protocol presents a comprehensive framework for securely signing non-transaction data within the TON ecosystem. By establishing a clear separation between transactional and non-transactional signatures, it offers enhanced security for both off-chain and on-chain applications, paving the way for a more versatile and secure digital identity and authentication system within the TON network.