Skip to main content

Implementing Chain Signatures

Chain signatures enable NEAR accounts, including smart contracts, to sign and execute transactions across many blockchain protocols.

This unlocks the next level of blockchain interoperability by giving ownership of diverse assets, cross-chain accounts, and data to a single NEAR account.


This guide will take you through a step by step process for creating a Chain Signature.

⭐️ For complete examples of a NEAR account performing transactions in other chains:

Create a Chain Signature

There are five steps to create a Chain Signature:

  1. Deriving the Foreign Address - Construct the address that will be controlled on the target blockchain
  2. Creating a Transaction - Create the transaction or message to be signed
  3. Requesting a Signature - Call the NEAR multichain contract requesting it to sign the transaction
  4. Reconstructing the Signature - Reconstruct the signature from the MPC service's response
  5. Relaying the Signed Transaction - Send the signed transaction to the destination chain for execution

chain-signatures Diagram of a chain signature in NEAR

MPC testnet contracts

If you want to try things out, these are the smart contracts available on testnet:

1. Deriving the Foreign Address

Chain Signatures use derivation paths to represent accounts on the target blockchain. The external address to be controlled can be deterministically derived from:

  • The NEAR address (e.g., example.near, example.testnet, etc.)
  • A derivation path (a string such as ethereum-1, ethereum-2, etc.)
  • The MPC service's public key
    • secp256k1:4NfTiv3UsGahebgTaHyD9vF8KYKMBnfd6kh94mK6xv8fGBiJB8TBtFMP5WWXz6B89Ac1fbpzPwAvoyQebemHFwx3

We provide code to derive the address, as it's a complex process that involves multiple steps of hashing and encoding:


The same NEAR account and path will always produce the same address on the target blockchain.

  • example.near + ethereum-1 = 0x1b48b83a308ea4beb845db088180dc3389f8aa3b
  • example.near + ethereum-2 = 0x99c5d3025dc736541f2d97c3ef3c90de4d221315

We recommend hardcoding the derivation paths in your application to ensure the signature request is made to the correct account



2. Creating the Transaction

Constructing the transaction to be signed (transaction, message, data, etc.) varies depending on the target blockchain, but generally it's the hash of the message or transaction to be signed.

In Ethereum, constructing the transaction is simple since you only need to specify the address of the receiver and how much you want to send.

3. Requesting the Signature

Once the transaction is created and ready to be signed, a signature request is made by calling sign on the MPC smart contract.

The method requires two parameters:

  1. The transaction to be signed for the target blockchain
  2. The derivation path for the account we want to use to sign the transaction

Notice that the payload is being reversed before requesting the signature, to match the little-endian format expected by the contract


The contract will take some time to respond, as the sign method starts recursively calling itself waiting for the MPC service to sign the transaction.

A Contract Recursively Calling Itself?

NEAR smart contracts are currently unable to halt execution and await the completion of a process. To solve this while we await the ability to yield & resume, one can make the contract call itself again and again checking on each iteration to see if the result is ready.

Note: Each call will take one block which equates to ~1 second of waiting. After some time the contract will either return a result that an external party provided or return an error running out of GAS waiting.

4. Reconstructing the Signature

The MPC contract will not return the signature of the transaction itself, but the elements needed to reconstruct the signature.

This allows the contract to generalize the signing process for multiple blockchains.

In Ethereum, the signature is reconstructed by concatenating the r, s, and v values returned by the contract.

The v parameter is a parity bit that depends on the sender address. We reconstruct the signature using both possible values (v=0 and v=1) and check which one corresponds to our sender address.

5. Relaying the Signature

Once we have reconstructed the signature, we can relay it to the corresponding network. This will once again vary depending on the target blockchain.


⭐️ For a deep dive into the concepts of Chain Signatures see What are Chain Signatures?

⭐️ For complete examples of a NEAR account performing Eth transactions:

Was this page helpful?