Author

Topic: For those who need it: Quickly sign a message with your private key in browser (Read 1521 times)

legendary
Activity: 3472
Merit: 4801
I thought we were away from using random numbers to chose the k-values for a long time already.

And I thought we were away from people using bitcoin addresses more than once.

Yet somehow people and programs continue to do things that that are are advised against by the experts.

I suspect your program is fine. There probably aren't many (any?) realistic situations where Bitcore would re-use a k value.  But for the ultra-paranoid:

Don't sign anything using a private key that is associated with any address that is currently or ever in the future will be associated with any bitcoins, don't use a private key or an address more than once.
legendary
Activity: 1260
Merit: 1168
Quote
The main concern here that people will want to be aware of is that running something "on a computer that never touches the internet" is not helpful if the signature calculation re-uses a k value.  I would hope the bitcore nodejs module won't have such a problem, but bugs happen and mistakes (and malicious behavior) happen.

If people are going to re-use bitcoin addresses, generating multiple signatures with them, then they should be aware that they can leak their private key without ever letting the private key touch an internet connected computer.  Wouldn't want anyone to develop a false sense of security now, would we?

I thought we were away from using random numbers to chose the k-values for a long time already. When I sign a message, the signature is always the same no matter how ofter I sign it. Seems that Bitcore uses (correctly) a deterministic signing scheme which is based on the message (or better, the pseudorandomness derived from its cryptographic hash) itself. But that again means, that it is impossible that two different signatures use the same r-value (lets ignore the unlikely case of hash collisions for now)? Am I correct?

I mean we could have a deeper look into Bitcore of course. If in doubt, I would always decide for a deeper investigation!
legendary
Activity: 3472
Merit: 4801
I have not yet reviewed this code, but IF there is a bug in the code (or introduced into the bitcore nodejs module) that re-uses k values, then running this on a computer that never touches the internet will not protect you.  It will be possible to calculate your private key from the combination of 2 signatures.

I appreciate your very kind offer to carefully review the code. I understand that such processes take their time, so that it was not "yet" possible.
To give everyone else the chance here to have a look at the code themselves as well, here it is Grin

Quote
var dumbsign = function(wif,msg){
   var privateKey = bitcore.PrivateKey.fromWIF(wif);
   var signature = Message(msg).sign(privateKey);
   return signature;
}

Any "bug reports", improvement suggestions or reimplementations are welcome  Smiley

I saw that you included the github link and I was going to take a look tonight.  Hadn't even clicked on it yet.

I wasn't aware that it was so short, or else I may have taken a look right away.  Wink

The main concern here that people will want to be aware of is that running something "on a computer that never touches the internet" is not helpful if the signature calculation re-uses a k value.  I would hope the bitcore nodejs module won't have such a problem, but bugs happen and mistakes (and malicious behavior) happen.

If people are going to re-use bitcoin addresses, generating multiple signatures with them, then they should be aware that they can leak their private key without ever letting the private key touch an internet connected computer.  Wouldn't want anyone to develop a false sense of security now, would we?
legendary
Activity: 1260
Merit: 1168
I have not yet reviewed this code, but IF there is a bug in the code (or introduced into the bitcore nodejs module) that re-uses k values, then running this on a computer that never touches the internet will not protect you.  It will be possible to calculate your private key from the combination of 2 signatures.

I appreciate your very kind offer to carefully review the code. I understand that such processes take their time, so that it was not "yet" possible.
To give everyone else the chance here to have a look at the code themselves as well, here it is Grin

Quote
var dumbsign = function(wif,msg){
   var privateKey = bitcore.PrivateKey.fromWIF(wif);
   var signature = Message(msg).sign(privateKey);
   return signature;
}

Yes, that was the entire (relevant) code! Any "bug reports", improvement suggestions or reimplementations are welcome  Smiley
legendary
Activity: 3472
Merit: 4801
- snip -
Disclaimer: Use at own risk! The software is using the bitcore nodejs module which I am not responsible for and which is too complex for me to verify in terms of security. The paranoid download the code and run it on a computer that never touches the internet!
- snip -

An additional but important warning...

I have not yet reviewed this code, but IF there is a bug in the code (or introduced into the bitcore nodejs module) that re-uses k values, then running this on a computer that never touches the internet will not protect you.  It will be possible to calculate your private key from the combination of 2 signatures.
legendary
Activity: 1260
Merit: 1168
This is friggin awesome. There are so many times I need to sign messages while I'm at work, but we can't run .exe files here, so a full node or even just a wallet is out of the question - this solves so many problems!

Thanks for the nice feedback  Wink
full member
Activity: 140
Merit: 100
This is friggin awesome. There are so many times I need to sign messages while I'm at work, but we can't run .exe files here, so a full node or even just a wallet is out of the question - this solves so many problems!
legendary
Activity: 1526
Merit: 1001
If anyone of you needs to quickly sign a message without having the core client handy, feel free to use https://ordinarydude.github.io/offline-bitcoin-signer/.
The source code can be found at: https://github.com/OrdinaryDude/offline-bitcoin-signer

Disclaimer: Use at own risk! The software is using the bitcore nodejs module which I am not responsible for and which is too complex for me to verify in terms of security. The paranoid download the code and run it on a computer that never touches the internet!

Everything works perfect except one thing, why I can't copy the signature code? People can use this website to sign a message and then copy to send or post somewhere. It would be good if you can modify it and let people copy the entire signed message like this one http://wallet-2sx53n.sakurity.com/#sign

Good catch! Fixed!
I will make a js version tomorrow!

Good that you hear my advice, and I see that now it is fixed and working. What do you think to make a field that will generate the complete signed message format like this one :
Code:
-----BEGIN BITCOIN SIGNED MESSAGE-----
[This is an example of a signed message.]
-----BEGIN SIGNATURE-----
[Btc Address]
[Signature]
-----END BITCOIN SIGNED MESSAGE-----
legendary
Activity: 1260
Merit: 1168
If anyone of you needs to quickly sign a message without having the core client handy, feel free to use https://ordinarydude.github.io/offline-bitcoin-signer/.
The source code can be found at: https://github.com/OrdinaryDude/offline-bitcoin-signer

Disclaimer: Use at own risk! The software is using the bitcore nodejs module which I am not responsible for and which is too complex for me to verify in terms of security. The paranoid download the code and run it on a computer that never touches the internet!

Everything works perfect except one thing, why I can't copy the signature code? People can use this website to sign a message and then copy to send or post somewhere. It would be good if you can modify it and let people copy the entire signed message like this one http://wallet-2sx53n.sakurity.com/#sign

Good catch! Fixed!
I will make a js version tomorrow!
legendary
Activity: 1526
Merit: 1001
If anyone of you needs to quickly sign a message without having the core client handy, feel free to use https://ordinarydude.github.io/offline-bitcoin-signer/.
The source code can be found at: https://github.com/OrdinaryDude/offline-bitcoin-signer

Disclaimer: Use at own risk! The software is using the bitcore nodejs module which I am not responsible for and which is too complex for me to verify in terms of security. The paranoid download the code and run it on a computer that never touches the internet!

Everything works perfect except one thing, why I can't copy the signature code? People can use this website to sign a message and then copy to send or post somewhere. It would be good if you can modify it and let people copy the entire signed message like this one http://wallet-2sx53n.sakurity.com/#sign
sr. member
Activity: 329
Merit: 251
If anyone of you needs to quickly sign a message without having the core client handy, feel free to use https://ordinarydude.github.io/offline-bitcoin-signer/.
The source code can be found at: https://github.com/OrdinaryDude/offline-bitcoin-signer
Fantastic work! It would be great if u added a JS based signed message verifier as well.
legendary
Activity: 1260
Merit: 1168
thanks for this project its really very helpful and will save much time by the way are you sure that people will sign messages with there private keys i thought we do it with public keys

No, you have to sign with the private key. The public key is available to the public when you have at least one outgoing transaction and can be viewed on any block explorer. If we could sign messages with public keys only, I could easily sign messages in your name  Wink
But you can verify a signature with the public key!
legendary
Activity: 1274
Merit: 1004
thanks for this project its really very helpful and will save much time by the way are you sure that people will sign messages with there private keys i thought we do it with public keys
legendary
Activity: 1260
Merit: 1168
If anyone of you needs to quickly sign a message without having the core client handy, feel free to use https://ordinarydude.github.io/offline-bitcoin-signer/.
The source code can be found at: https://github.com/OrdinaryDude/offline-bitcoin-signer

Disclaimer: Use at own risk! The software is using the bitcore nodejs module which I am not responsible for and which is too complex for me to verify in terms of security. The paranoid download the code and run it on a computer that never touches the internet!

Jump to: