
Topic: Feature request : signing a text with a wallet key - page 3. (Read 7400 times)

legendary
Activity: 1652
Merit: 2216
Chief Scientist
I like this feature request; I think it will enable even more interesting uses of bitcoin.  I created a feature request at github for it.

Example:  a store that accepts bitcoins could verify that a customer sending in a question about some transaction actually IS the same person who sent them the bitcoins, by asking the customer to sign their message using one of the same bitcoin addresses they used to sign the coins.

If the "store" is a privacy-focused VPS provider and the question is "Hey, I lost the root password to the virtual server, could you generate a new one and encrypt it with this gpg public key", then tying that message to a bitcoin transaction is extremely useful.
legendary
Activity: 1106
Merit: 1004
That's where trust comes in. The old PKI/WOT issue.

If you depend on trust you're not proving anything. Normally proofs are asked exactly when there isn't enough confidence.

Maybe I am overlooking something critical. What is the point of telling somebody how much money you have at some instant, when at any subsequent time, the proof is no longer valid?

The proof is valid while the funds remain in the same address. They may remain there for a long time.
sr. member
Activity: 252
Merit: 250
Proof of ownership of an account number? Or of funds in an account? Proof of ownership of an account number can be done with pgp.
Proof of ownership of the actual funds.
Interesting. To what ends? What good is the proof after the proof has been generated?

Proof of ownership of an account number? Or of funds in an account? Proof of ownership of an account number can be done with pgp.

I meant the funds. But even the account number, how do you prove it's yours? The account numbers go to the chain somehow?
That's where trust comes in. The old PKI/WOT issue.

Quote
Also, being able to split/merge wallets is interesting too. Today maybe not much, since transfers are free. But they won't remain free forever, and even today, each transfer does imply a small cost to the entire network. Merging/splitting wallets would be a way to move money around without using the chain. It's also a good feature to have.
Perhaps, but I see this as an issue separate from signatures.

Well, if you can export keys, you can sign with them using an external tool at least.

You can associate a public key to an arbitrary identity, not just a name or email address. Gpg allows this.

As far as I understand, the link "gpg key" => "arbitrary identity" is possible, since proof of gpg key ownership is possible through signature.
But "arbitrary identity" => "gpg key" I can't see how, since there's no generic way to prove ownership of an arbitrary identity.

Like, I can create a GPG key and link it to your name. But that isn't my name. See what I mean?
See above.

If you want to prove you hold certain funds in an account, I am not sure how extending bitcoin to perform cryptographic signatures can help.

You just sign something with the same private key that owns the coins and that's it, you prove you own such coins. The other party just needs to check the block chain to confirm.
Maybe I am overlooking something critical. What is the point of telling somebody how much money you have at some instant, when at any subsequent time, the proof is no longer valid?
legendary
Activity: 1106
Merit: 1004
Proof of ownership of an account number? Or of funds in an account? Proof of ownership of an account number can be done with pgp.

I meant the funds. But even the account number, how do you prove it's yours? The account numbers go to the chain somehow?

Quote
Also, being able to split/merge wallets is interesting too. Today maybe not much, since transfers are free. But they won't remain free forever, and even today, each transfer does imply a small cost to the entire network. Merging/splitting wallets would be a way to move money around without using the chain. It's also a good feature to have.
Perhaps, but I see this as an issue separate from signatures.

Well, if you can export keys, you can sign with them using an external tool at least.

You can associate a public key to an arbitrary identity, not just a name or email address. Gpg allows this.

As far as I understand, the link "gpg key" => "arbitrary identity" is possible, since proof of gpg key ownership is possible through signature.
But "arbitrary identity" => "gpg key" I can't see how, since there's no generic way to prove ownership of an arbitrary identity.

Like, I can create a GPG key and link it to your name. But that isn't my name. See what I mean?

If you want to prove you hold certain funds in an account, I am not sure how extending bitcoin to perform cryptographic signatures can help.

You just sign something with the same private key that owns the coins and that's it, you prove you own such coins. The other party just needs to check the block chain to confirm.
legendary
Activity: 1372
Merit: 1007
1davout
Proof of ownership of an account number? Or of funds in an account? Proof of ownership of an account number can be done with pgp.
Proof of ownership of the actual funds.

Quote
Quote
Can you? I don't know how... I thought the account feature wasn't even public... can anyone know how much I own on account X just by checking the block chain?
How do I create a key related to this account and use it to sign something, proving that I am the owner of such amount?
You can associate a public key to an arbitrary identity, not just a name or email address. Gpg allows this. If you want to prove you hold certain funds in an account, I am not sure how extending bitcoin to perform cryptographic signatures can help.
You can't associate a key with an account. They're managed internally by the client.

Point is you can prove ownership of funds by signing arbitrary data with a private key, so I see this feature as very useful.
sr. member
Activity: 252
Merit: 250
My point is that bitcoin is a currency. It shouldn't be in the business of general-use public key crypto.

Signing with a bitcoin private key provides proof of ownership. This may have many use cases. It's a good feature.
Proof of ownership of an account number? Or of funds in an account? Proof of ownership of an account number can be done with pgp.

You can already associate a gpg key to an account.

Can you? I don't know how... I thought the account feature wasn't even public... can anyone know how much I own on account X just by checking the block chain?
How do I create a key related to this account and use it to sign something, proving that I am the owner of such amount?
You can associate a public key to an arbitrary identity, not just a name or email address. Gpg allows this. If you want to prove you hold certain funds in an account, I am not sure how extending bitcoin to perform cryptographic signatures can help.
legendary
Activity: 1106
Merit: 1004
It all depends on what you want bitcoin to be. If you wish for it to become a monolithic application which can perform arbitrary cryptographic functions, by all means, go for it.

It doesn't need to be monolithic. The code that manages the wallet doesn't have to be the same that interacts with the network. They'd better not be, imho.

The wallet is a specific type of keystore. As a keystore, it would be nice to be able to import/export keys, and actually using them.

For example, another use case would be to encrypt some message for the owner of address X only. It could be encrypted using the public key of such address. The receiver must be able to retrieve the corresponding private key and use it to decrypt the message.
legendary
Activity: 1106
Merit: 1004
My point is that bitcoin is a currency. It shouldn't be in the business of general-use public key crypto.

Signing with a bitcoin private key provides proof of ownership. This may have many use cases. It's a good feature.

Also, being able to split/merge wallets is interesting too. Today maybe not much, since transfers are free. But they won't remain free forever, and even today, each transfer does imply a small cost to the entire network. Merging/splitting wallets would be a way to move money around without using the chain. It's also a good feature to have.

You can already associate a gpg key to an account.

Can you? I don't know how... I thought the account feature wasn't even public... can anyone know how much I own on account X just by checking the block chain?
How do I create a key related to this account and use it to sign something, proving that I am the owner of such amount?
sr. member
Activity: 252
Merit: 250
This violates the "one job and do it well" philosophy. There already exist established standards for cryptographic signatures.

That's a unix principle, not a bitcoin one.

I like this feature, it's not overloading the protocol in any way and I can see a bunch of potential uses.

Opened a git issue : https://github.com/bitcoin/bitcoin/issues/issue/6

It all depends on what you want bitcoin to be. If you wish for it to become a monolithic application which can perform arbitrary cryptographic functions, by all means, go for it. I think this would be exactly the wrong way to go. I want bitcoin to succeed as a currency. The slimmer the standard and codebase, the easier it is to develop portable implementations and improve chances for adoption. Really, how hard is it to associate a pgp key to an account?

Security is also of paramount importance for bitcoin, and you can't exploit code that doesn't exist.
legendary
Activity: 1372
Merit: 1007
1davout
This violates the "one job and do it well" philosophy. There already exist established standards for cryptographic signatures.

That's a unix principle, not a bitcoin one.

I like this feature, it's not overloading the protocol in any way and I can see a bunch of potential uses.

Opened a git issue : https://github.com/bitcoin/bitcoin/issues/issue/6
legendary
Activity: 1288
Merit: 1076
We should be mindful that with features come code. Code which must be written, debugged, maintained... and code which may potentially be exploited. The slimmer bitcoin remains, the better.

Well, I guess you're right.
sr. member
Activity: 252
Merit: 250
This violates the "one job and do it well" philosophy. There already exist established standards for cryptographic signatures.

OK, then someone tell me how I can:

- extract an ECDSA private key from a wallet file ;
- use this key to sign data ;
- verify data signed this way ;


My point is that bitcoin is a currency. It shouldn't be in the business of general-use public key crypto. If you want to sign data, something like gpg would do a better job. You can already associate a gpg key to an account. I think it would be best to avoid encumbering bitcoin with redundant functionality. We should be mindful that with features come code. Code which must be written, debugged, maintained... and code which may potentially be exploited. The slimmer bitcoin remains, the better.
legendary
Activity: 1288
Merit: 1076
This violates the "one job and do it well" philosophy. There already exist established standards for cryptographic signatures.

OK, then someone tell me how I can:

- extract an ECDSA private key from a wallet file ;
- use this key to sign data ;
- verify data signed this way ;
sr. member
Activity: 252
Merit: 250
This violates the "one job and do it well" philosophy. There already exist established standards for cryptographic signatures.
legendary
Activity: 1288
Merit: 1076
Actually it would be even nicer if we could treat our wallet.dat file as a generic keystore, importing and exporting keys.
This would allow merging and splitting of wallets as well, besides signatures as suggested above.

+1
legendary
Activity: 1106
Merit: 1004
This would be nice.

Actually it would be even nicer if we could treat our wallet.dat file as a generic keystore, importing and exporting keys.
This would allow merging and splitting of wallets as well, besides signatures as suggested above.
legendary
Activity: 1288
Merit: 1076

I'd like to be able to use one of my wallet keys to sign an ASCII text.

syntax of the command would be :

Code:
$ bitcoind signwithaddress BITCOIN_ADRESS < somefile > somefile.asc
$ bitcoind verifysignature < somefile.asc
correct signature done on DATE by address BITCOIN_ADRESS
Message was :
....

somefile.asc could be written in a form such as :

---- BEGIN ECDSA SIGNED MESSAGE ----
...
---- END ECDSA SIGNED MESSAGE ----

Or something like that.