Bitcoin Forum>Bitcoin>Bitcoin Technical Support
Author

Topic: Can I sign a message with more than one address? (Read 265 times)

achow101
staff
Activity: 3458
Merit: 6793
Just writing some code
Can I sign a message with more than one address?
November 21, 2019, 05:35:59 PM
#17
Quote from: The Cryptovator on November 21, 2019, 03:23:43 AM
What I have seen on brain wallet, they never asked for public key for verify signature. They just ask address, message and signature. Means you are able to verify signature with thses details. Public keys isn't necessary here. Even you don't need to provide address to verify signature, wallet automatically will show from which address it has been signed. If wallet themselves calculate public keys means it's not necessary for you. That's what my point.
That is incorrect.


In ECDSA, to verify a signature, you MUST have the public key, the signature, and the message. However, there is a way that, given a signature and a message, you can compute a public key that would verify the trio. The caveat is that every signature and every message has a public key that makes the trio valid. Without knowing the public key or some representation of it, a signature and message combo is always valid for some public key. The point of a public key is that you are verifying the identify of the person who created the signature and message.

Bitcoin does not require you to have the public key for signed messages because you are required to have the address, which is a representation of the public key. Bitcoin signed messages are verified by recovering the pubkey from the signature and message. Then that public key is hashed and the address computed from that. That computed address is compared to the address given to the verifier. If it matches, then the signature is "valid". If not, it is "invalid".

So verifying a signed message absolutely requires the public key or some representation of it (aka the address).
o_e_l_e_o
legendary
Activity: 2268
Merit: 18711
Re: Can I sign a message with more than one address?
November 21, 2019, 07:38:40 AM
#16
Quote from: Text on November 21, 2019, 06:05:49 AM
Quote
In effect, the private key generates the public key which, in turn, generates the public address.
This is correct, at the most basic level.

Your private key is (almost) any 256 bit number. The private key is used to generate the public key by using the ECDSA curve secp256k1. This is a one way process.

The public key is used to generate the address by first passing it through sha256, then ripemd160, then calculating and appending the checksum. Again, a one way process.
Text
hero member
Activity: 2464
Merit: 594
Re: Can I sign a message with more than one address?
November 21, 2019, 06:05:49 AM
#15
Since then, all I know that the public key and address are just the same. Please enlighten me more...

So I came to google and typed on the search bar "public key and address" and I got this result from investopedia.com

Quote
The public address is a hashed version of the public key. Because the public key is made up of an extremely long string of numbers, it is compressed and shortened to form the public address. In effect, the private key generates the public key which, in turn, generates the public address.

o_e_l_e_o
legendary
Activity: 2268
Merit: 18711
Re: Can I sign a message with more than one address?
November 21, 2019, 05:45:46 AM
#14
Quote from: The Cryptovator on November 21, 2019, 03:23:43 AM
Even you don't need to provide address to verify signature, wallet automatically will show from which address it has been signed.
Correct. As I explained above, the verifying software will use the message and the signature to calculate usually two possible public keys (but very rarely 4), and then determine which one was used to sign the message. It will then hash that public key to give an address. If you have also supplied an address, it will tell you if they match. If you haven't supplied an address, then it will display the address it has calculated.

Quote from: The Cryptovator on November 21, 2019, 03:23:43 AM
That's why I just explain normally that address is another appearance of public.
It's not, though. I'm not sure how much of this is a language barrier, but to suggest two things are different appearances of the same thing also suggests that they are interchangeable or convertible back and forth, which you've correctly stated in your previous statement that they are not.
The Cryptovator
legendary
Activity: 2394
Merit: 2223
Signature space for rent
Re: Can I sign a message with more than one address?
November 21, 2019, 03:23:43 AM
#13
Quote from: o_e_l_e_o on November 20, 2019, 07:07:08 AM
Quote from: The Cryptovator on November 20, 2019, 01:18:25 AM
Public key doesn't necessarily to verify message.
It actually is needed, it's just you don't have to send it to the verifier; they can calculate it themselves.
What I have seen on brain wallet, they never asked for public key for verify signature. They just ask address, message and signature. Means you are able to verify signature with thses details. Public keys isn't necessary here. Even you don't need to provide address to verify signature, wallet automatically will show from which address it has been signed. If wallet themselves calculate public keys means it's not necessary for you. That's what my point.

Quote from: o_e_l_e_o on November 20, 2019, 07:07:08 AM
Careful with your wording here. An address is a hash of a public key. This is important because it means you can't reverse the process and generate a public key from only knowing the address. This is different to compression. For example, if you know a compressed public key, you can calculate the full uncompressed public key without any additional information.
I know address is hash of public key which is one way, can't calculate reverse. I Google about public key, seems most of articles mixed up public keys with address. That's why I just explain normally that address is another appearance of public. Yes, I shouldn't use compressed word in that case. Edited post by the way.
bob123
legendary
Activity: 1624
Merit: 2481
Re: Can I sign a message with more than one address?
November 20, 2019, 08:53:37 AM
#12
Quote from: The Cryptovator on November 20, 2019, 01:18:25 AM
~snip~

This is an incredibly horrible representation of the process.

1) There are no bitcoin 'accounts'.
2) The address is not an 'account number'.
3) The "signature checker" function does need the public key to verify the signature. But this image implies the address is used. It is quite inaccurate. Even for a simplified version of the process.

Alone the wrong naming makes it a bad representation. I'd suggest to rather not use this image when explaining things as it will result in newbies getting confused and/or learning wrong terms.
o_e_l_e_o
legendary
Activity: 2268
Merit: 18711
Re: Can I sign a message with more than one address?
November 20, 2019, 07:07:08 AM
#11
Quote from: The Cryptovator on November 20, 2019, 01:18:25 AM
Public key doesn't necessarily to verify message.
It actually is needed, it's just you don't have to send it to the verifier; they can calculate it themselves.

Quote from: The Cryptovator on November 20, 2019, 01:18:25 AM
Address is a compressed appearance of public key.
Careful with your wording here. An address is a hash of a public key. This is important because it means you can't reverse the process and generate a public key from only knowing the address. This is different to compression. For example, if you know a compressed public key, you can calculate the full uncompressed public key without any additional information.

Quote from: The Cryptovator on November 20, 2019, 01:18:25 AM
You may see below picture how it work
So in that picture, the "f(t,s,a)" function uses the message and signature to calculate the public key, hashes it, and then checks it matches the given address.
The Cryptovator
legendary
Activity: 2394
Merit: 2223
Signature space for rent
Re: Can I sign a message with more than one address?
November 20, 2019, 01:18:25 AM
#10
Quote from: logfiles on November 19, 2019, 08:44:25 AM
In order to verify the sender's signature, the person verifying should know the sender's public key. Without it, there is no way of verifying if the signature is valid.
I think you mixed up public key with address. Public key doesn't necessarily to verify message. Address is a compressed  appearance of public key. And public key genarated from private keys. So only address, message and signature is necessary to verify prove ownership.
ranochigo
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Re: Can I sign a message with more than one address?
November 19, 2019, 10:48:40 AM
#9
Quote from: logfiles on November 19, 2019, 08:44:25 AM
Quote from: btc123thatthere on November 19, 2019, 08:13:04 AM
So does the signature (somehow) reveal the public key?
In order to verify the sender's signature, the person verifying should know the sender's public key. Without it, there is no way of verifying if the signature is valid. And since a public key corresponds to a private key, it would imply that the person who signed the message actually owns the private key of the address without revealing the private key

This video could help: https://www.youtube.com/watch?v=U2bw_N6kQL8
It is not a requirement for the verifier to have the public key of the address used in the signature. The address is NOT the public key but rather, it is the hash of the public key. With the use of ECDSA and the secp256k1 curve, you can determine the 2 possible public keys used to sign the message. The client will then hash the address given by the user to check if it matches the key. Brainwallet can even show you with the address used to sign the message if you don't provide them with one.
o_e_l_e_o
legendary
Activity: 2268
Merit: 18711
Re: Can I sign a message with more than one address?
November 19, 2019, 10:32:38 AM
#8
Quote from: btc123thatthere on November 19, 2019, 08:13:04 AM
So does the signature (somehow) reveal the public key?
The signature on its own does not, but the signature combined with the message does.

Quote from: logfiles on November 19, 2019, 08:44:25 AM
In order to verify the sender's signature, the person verifying should know the sender's public key.
They actually don't need to know the public key, or at least, you don't need to give it them.

To sign a message, you need to include three things: The address (which is a hash of the public key), the signature which you generate, and the message itself. There is no requirement to send your public key to the other party. By using a feature of ECDSA, their wallet or software can recover your public key (actually two possible public keys) by inputting your message and signature in to an equation, and then hash that public key to ensure it matches your address.
logfiles
copper member
Activity: 2114
Merit: 1794
Top Crypto Casino
Re: Can I sign a message with more than one address?
November 19, 2019, 08:44:25 AM
#7
Quote from: btc123thatthere on November 19, 2019, 08:13:04 AM
So does the signature (somehow) reveal the public key?
In order to verify the sender's signature, the person verifying should know the sender's public key. Without it, there is no way of verifying if the signature is valid. And since a public key corresponds to a private key, it would imply that the person who signed the message actually owns the private key of the address without revealing the private key

This video could help: https://www.youtube.com/watch?v=U2bw_N6kQL8
btc123thatthere
member
Activity: 131
Merit: 29
Re: Can I sign a message with more than one address?
November 19, 2019, 08:13:04 AM
#6
So does the signature (somehow) reveal the public key?
The Cryptovator
legendary
Activity: 2394
Merit: 2223
Signature space for rent
Re: Can I sign a message with more than one address?
November 19, 2019, 07:57:40 AM
#5
Quote from: btc123thatthere on November 19, 2019, 07:19:50 AM
Will doing so (producing a signed message) reveal the public key to anyone who sees the signature or just a hash of the public key? (Or a hash straight from the private key?)
Signature is genarated from hash and private keys. It should not effected or revealed your private keys. Its something like you are proving ownership of your address without providing your private to someone else. Every one is free to verify if you provide all details (raw msg, address & signature) except private keys, but no one will see your private key.
Quote from: https://en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm
the signature to determine that it was originally produced from the hash and the private key, without needing to know the private key.
btc123thatthere
member
Activity: 131
Merit: 29
Re: Can I sign a message with more than one address?
November 19, 2019, 07:19:50 AM
#4
Will doing so (producing a signed message) reveal the public key to anyone who sees the signature or just a hash of the public key? (Or a hash straight from the private key?)
AB de Royse777
legendary
Activity: 2464
Merit: 3878
Hire Bitcointalk Camp. Manager @ r7promotions.com
Re: Can I sign a message with more than one address?
November 19, 2019, 02:55:24 AM
#3
Idea is that signing a message using a bitcoin address means you have the private key. One address one private key so logically and also practically you can not sign a message with more than one address.
achow101
staff
Activity: 3458
Merit: 6793
Just writing some code
Re: Can I sign a message with more than one address?
November 18, 2019, 09:03:59 PM
#2
No. You have to sign the same message multiple times.
btc123thatthere
member
Activity: 131
Merit: 29
Re: Can I sign a message with more than one address?
November 18, 2019, 07:51:52 PM
#1
I'm using Bitcoin Core v0.18.0 & Qt version 5.9.7.

Is it possible to sign a single message from more than one address?
Bitcoin Forum>Bitcoin>Bitcoin Technical Support
Jump to: