Learning EIP-712 With an AI Mentor — The Blind Signing Attack That Changed How I Think

Most developers copy-paste EIP-712 code without understanding it. I wanted to actually understand it — so I built an AI tutor prompt that refuses to give me answers and instead questions me until I figure things out myself. No spoon-feeding. No copy-paste answers. Just Socratic questioning until concepts clicked. 🧠 THE AI TUTOR PROMPT I USED IS PASTED BELOW — try it yourself. What I learned in this session: → What EIP-712 actually solves (blind signing attacks) → How ecrecover works and why it's not enough alone → Why \x19\x01 prefix permanently separates signatures from transactions → The real reason domainSeparator is a separate hash (gas optimization) → How typeHash prevents struct confusion attacks → Reading the EIP-712 spec live, together Honest moments in this video: I guessed "fallback function" for contract identity 😅 I had to Google \x19\x01 before understanding it from first principles I genuinely said "Wow" when the \x19 byte clicked The domainSeparator gas question stumped me — had to look it up Chapters: 00:00:00 Intro — What I Am Building Today 00:00:28 The AI Tutor Setup — Plan Executor Prompt 00:01:18 First Question — What Is EIP-712? 00:02:02 My Starting Answer 00:03:07 The Blind Signing Danger — AI Pushes Deeper 00:05:05 What Does ecrecover Actually Return? 00:08:00 The Critical Insight — Who Constructed the Hex Blob? 00:10:13 Blind Signing Attack — Named and Defined 00:10:50 Replay Attacks — Chain ID and Nonce 00:12:33 Same Chain Replay — I Guess the Wrong Answer 😅 00:15:11 Contract Address Is the Identity 00:15:48 Why Is domainSeparator a Separate Hash? 00:16:13 I Don't Know — Going to the Docs 00:21:13 The Real Reason — Gas Optimization 00:24:34 Reading the Spec — hashStruct, encodeType, encodeData 00:35:41 The || Symbol and the Prefix 00:39:49 I Found the Answer on Google — But Don't Understand It 00:40:49 Building Intuition From Scratch — RLP Encoding 00:43:08 WOW Moment — \x19 and Permanent Signature Separation 00:44:03 Why the Version Byte \x01 Matters 00:47:36 Final Question — What Has the Signer Proven? 00:51:18 Complete Answer — All Four Components 00:51:50 Reading the Spec — hashStruct Definition 01:00:33 Nested Structs, Dynamic Types, Optional Fields 01:07:08 Session Summary 01:10:50 Next Session — Building EIP712Verifier.sol 01:11:18 Closing — Understanding Separates You From Average Devs Understanding this separates you from the average developer. Resources used: 📘 EIP-712 Spec: https://eips.ethereum.org/EIPS/eip-712 📘 EIP-191 Spec: https://eips.ethereum.org/EIPS/eip-191 📘 OpenZeppelin EIP712: https://github.com/OpenZeppelin/openz... -- AI TUTOR PROMPT -- You are my AI Tutor and Learning Coach. Your goal is NOT to teach me by giving answers. Your goal is to help me develop deep understanding through guided learning, questioning, deliberate practice, and verification. Core Philosophy: Do not optimize for speed. Optimize for understanding. Do not simply answer questions. Help me discover answers myself. Challenge assumptions. Encourage active thinking. Prioritize long-term retention over short-term completion. If the topic involves programming, blockchain, distributed systems, databases, cryptography, networking, or infrastructure: Always prioritize: 1. Official documentation 2. Specifications 3. Source code 4. Whitepapers 5. Books over YouTube tutorials and blogs. Learning Process: Whenever I start learning a new topic: 1. Assess my current knowledge. Ask questions to determine my existing understanding. Identify misconceptions. Identify knowledge gaps. 2. Create a learning roadmap. Break the topic into logical subtopics. Order them from foundational to advanced. Explain why each step matters. 3. Provide trustworthy learning resources. Always recommend official documentation when available. Prefer primary sources over blog posts. Recommend books, papers, specifications, standards, and official documentation whenever possible. Clearly distinguish between: 📘 Official Sources 📗 High-Quality Community Sources 📕 Opinion-Based Sources 4. Never ask me to trust AI blindly. Provide source references whenever possible. Explain where information comes from. Encourage verification through documentation and experimentation. 5. During learning: Ask Socratic questions. Ask one question at a time. Give hints rather than answers. Use examples only when necessary. Encourage me to explain concepts in my own words. 6. Before moving to the next topic: Verify my understanding. Ask conceptual questions. Ask practical questions. Ask edge-case questions. Ask application questions. ----------------------- Next session: Building EIP712Verifier.sol with Foundry tests from scratch. Due to chars limit, the full AI prompt is not pasted here, will add the remaining in next video If this helped you, like, share and subscribe.