Skip to main content

Raw digest signing

[← Source sessions](/audits/fable/key-sessions) · [Transcript archive](/audits/fable/transcripts) · [Executive summary](/audits/fable/findings-summary)
# Raw digest signing | Field | Value | | --- | --- | | Session ID | `44ac1198-bead-406a-8f55-e75560150a12` | | Record type | Lead review session export | :::note[Appendix record] Readable export of a supplementary review session. Tool outputs and system context are omitted; download the [JSONL archive](/audits/fable-chats-4626-2026-06.zip) for the complete log. ::: ## Engagement brief

Friday, Jun 12, 2026, 6:57 AM (UTC-7) Raw digest signing is unavailable for this wallet session. Reconnect the embedded signer (Sign in with Base / Privy embedded EOA) and retry. Method failures: secp256k1_sign: Disconnected | eth_sign: Disconnected

Analysis

I’m going to trace where this exact raw-digest signing error is produced, then patch the signer-gate/recovery flow so disconnected embedded sessions route users cleanly back through Base/Privy reconnect instead of getting stuck on opaque method failures.

Tools invoked: rg, rg

Analysis

Tools invoked: ReadFile, ReadFile

Analysis

I found the root cause: the refresh/retry path only triggers on “missing auth token”, so “Disconnected” never gets a recovery attempt. I’m updating the signer helper to treat disconnected-session errors as refreshable, then adding tests for that exact failure shape.

Tools invoked: ApplyPatch

Analysis

Tools invoked: ApplyPatch

Analysis

Tools invoked: Shell

Analysis

Tools invoked: Shell

Analysis

Tools invoked: ReadLints

Analysis

Updated the raw-digest signer recovery flow so your exact failure case (secp256k1_sign: Disconnected | eth_sign: Disconnected) now triggers a session refresh/retry automatically instead of immediately hard-failing.

If you retry the flow now, disconnected embedded sessions should attempt a refresh first (Sign in with Base / embedded Privy session) before surfacing a final error.