Why `Vote.SignBytes` is a JSON string?

[nnkken]

I'm trying to implement a custom blockchain using Tendermint, and I want to have a Relay contract on Ethereum so that my ERC-20 token can transfer between Ethereum and the Tendermint blockchain.

To do so, I need to write a smart contract on Ethereum verifying the block header from Tendermint. While other parts go well, the format of Precommits annoys me.

The signature are signed on the SHA-256 hash of the SignBytes, which are JSON strings, so to extract block header hash from the message, the smart contract needs to parse the JSON string, which is quite expensive.

I'm now finding work around on this problem, and my question is, why Tendermint is designed to sign a JSON string instead of a binary one, say a structure encoded by Amino, or the Merkle root of the information in the precommits (just like the block header hash)?

[jaekwon]

Amino would work... do you think that would save on EVM gas costs?
The Merkle root won't work because then we're left with the problem of information withholding... and besides, the Round field only exists in the vote.

[nnkken]

Amino will be muching better than JSON string in EVM.

Are the SignBytes directly passed to other validators?
I thought the content of the vote are serialized into another format, packed together with the signature, then other validators receiving this could check the signature by deserialize -> generate SignBytes -> check the signature with SignBytes.
In this way, the content of the vote can be different from the SignBytes

Besides, when I look at the format of current SignBytes:

{"@chain_id":"test-chain-dvwvaa","@type":"vote","block_id":{"hash":"044B1440465176F74042ACF3493A6BEFB6616E1F","parts":{"hash":"7C563049D57AB3D16817CB9E739303A02D085E9F","total":1}},"height":2,"round":0,"timestamp":"2018-05-24T03:52:21.310Z","type":2}

I think most of the parts (all except timestamp) are fixed for a successful commit, so if timestamp is not part of the SignBytes, then when validating votes for a block header, the parser will only have to parse the vote once and then reuse the same hash of SignBytes to validate all signatures.
Since timestamp is important, maybe the signature can sign sha256(sha256(chain_id, type, ...), timestamp), such that for each vote, only the timestamps have to be parsed instead of the whole vote.

[ebuchman]

In this way, the content of the vote can be different from the SignBytes

Yes, that's how it is now. The vote itself is amino encoded and the sign bytes are JSON. The JSON is leftover from when we did JSON transaction sign bytes so users could verify JSON befor signing, but validator nodes don't have that requirement.

We should change this to use Amino - tagging #1568

[ebuchman]

so if timestamp is not part of the SignBytes

Yeh, we're working on removing it, so the timestamp can come from the proposer instead: #1615

[nnkken]

Since timestamp is important, maybe the signature can sign sha256(sha256(chain_id, type, ...), timestamp), such that for each vote, only the timestamps have to be parsed instead of the whole vote.

From the comments in #1615 , it seems the timestamp field will be kept in the votes, so will this suggestion be considered?

[ebuchman]

Yes we should still do this!