Proving ownership of an address with a message

Jeronaba

newbie

Activity: 4

Merit: 0

Quote from: DannyHamilton on August 01, 2017, 12:09:13 PM

As long as that Electrum wallet has been online in the past and has been used to send bitcoin transactions, then you are not increasing your risk by signing a message while it is connected to the internet. The risk will be the same as if you sent a transaction from that same address.

OK, I'll procced with the message then.
Thank you, and sorry if the answers seemed obvious, but I prefer to be careful.

DannyHamilton

legendary

Activity: 3472

Merit: 4794

Quote from: Jeronaba on August 01, 2017, 11:27:08 AM

I will sign the message with Electrum while being online, that's what I meant.

As long as that Electrum wallet has been online in the past and has been used to send bitcoin transactions, then you are not increasing your risk by signing a message while it is connected to the internet. The risk will be the same as if you sent a transaction from that same address.

Jeronaba

newbie

Activity: 4

Merit: 0

Quote from: DannyHamilton on August 01, 2017, 11:11:48 AM

That's one option. The specific method isn't important. What's important is that you think about what you are signing, and determine if the message and signature could be re-used.

OK

Quote from: Jeronaba on August 01, 2017, 10:43:08 AM

As long as the signature was created by properly written software, it should be fine. If you are using some closed source software, or software that hasn't been reviewed by knowledgeable people, then there is a chance that the signing software could have a bug that leaks the private key with the signature.

Quote from: Jeronaba on August 01, 2017, 10:43:08 AM

What do you mean when you say "signing online"? Are you using a website to generate the signature? That would be bad, since you'd have to give the website your private key. Are you just using software on a computer that is connected to the internet? How did you generate the address or original transaction? Were they created on an offline computer?

I will sign the message with Electrum while being online, that's what I meant.

DannyHamilton

legendary

Activity: 3472

Merit: 4794

Quote from: Jeronaba on August 01, 2017, 10:43:08 AM

So to sum up, I'll have to write a message specific to the situation with also a name that identifies me and a name that identifies him and a date.

That's one option. The specific method isn't important. What's important is that you think about what you are signing, and determine if the message and signature could be re-used.

Quote from: Jeronaba on August 01, 2017, 10:43:08 AM

giving him the public key in the signature does not pose a problem.

As long as the signature was created by properly written software, it should be fine. If you are using some closed source software, or software that hasn't been reviewed by knowledgeable people, then there is a chance that the signing software could have a bug that leaks the private key with the signature.

Quote from: Jeronaba on August 01, 2017, 10:43:08 AM

And signing online

What do you mean when you say "signing online"? Are you using a website to generate the signature? That would be bad, since you'd have to give the website your private key. Are you just using software on a computer that is connected to the internet? How did you generate the address or original transaction? Were they created on an offline computer?

Quote from: Jeronaba on August 01, 2017, 10:43:08 AM

If I do all the steps above, I can then proceed without risk?

There is no such thing as 0 risk in life. All you can do is manage and mitigate risk. There is always more that can be done, but it isn't always reasonable to do so in a given circumstance.

Jeronaba

newbie

Activity: 4

Merit: 0

Thanks all for your answers!

Wow, you're scaring me now. I thought it was going to be a normal and known procedure.

EDIT: I specify that I was asked to do this procedure for an old transaction, not a future one.

So to sum up, I'll have to write a message specific to the situation with also a name that identifies me and a name that identifies him and a date. And signing online and giving him the public key in the signature does not pose a problem.

If I do all the steps above, I can then proceed without risk?

philipma1957

legendary

Activity: 4256

Merit: 8551

'The right to privacy matters'

Quote from: DannyHamilton on August 01, 2017, 09:51:37 AM

Think carefully about the message you sign, and make sure that someone else can't re-use the message and signature to pretend to be you.

For example:

I could ask you to sign the following message:
"I have exclusive control over the funds in address 1YourAddressHere"

(replacing 1YourAddressHere with your actual address).

If you signed that address, then I could lie to someone else and tell them that the address is mine. I could then just forward them the message and signature that you sent me, and they would see a valid message and signature.

On the other hand, if you signed the following message:
"On 2017-08-01 at 13:48:00 UTC DannyHamilton is requesting that I, Jeronaba, sign this message to prove that I have exclusive control over the funds in address 1YourAddressHere as of that moment."

Then it would be much more difficult for me to forward that message on to anyone and have them be fooled. First I would need to convince them that I am "Jeronaba", then I'd somehow need to convince them that they are "DannyHamilton", and finally I'd have to convince them that they asked me for the message "On 2017-08-01 at 13:48:00 UTC".

The time dating is very effective method. At times I ask for a specific dust amount rather then a message.

0.0000xxxx where the xxxx is a number I chose for a person to send from the address they are trying to prove is their address.

if a 10000 to 1 seems not secure I ask for a second send of 0.0000xxxx which makes it 10,000 squared. this was good when fees were low.

now that coin is up to 2800 usd and fees are 0.001 at times this is not very effective. I may go to time stamping.

I liked the dust on demand as it was simple for a new person to do correctly.

DannyHamilton

legendary

Activity: 3472

Merit: 4794

Think carefully about the message you sign, and make sure that someone else can't re-use the message and signature to pretend to be you.

For example:

I could ask you to sign the following message:
"I have exclusive control over the funds in address 1YourAddressHere"

(replacing 1YourAddressHere with your actual address).

If you signed that address, then I could lie to someone else and tell them that the address is mine. I could then just forward them the message and signature that you sent me, and they would see a valid message and signature.

On the other hand, if you signed the following message:
"On 2017-08-01 at 13:48:00 UTC DannyHamilton is requesting that I, Jeronaba, sign this message to prove that I have exclusive control over the funds in address 1YourAddressHere as of that moment."

Then it would be much more difficult for me to forward that message on to anyone and have them be fooled. First I would need to convince them that I am "Jeronaba", then I'd somehow need to convince them that they are "DannyHamilton", and finally I'd have to convince them that they asked me for the message "On 2017-08-01 at 13:48:00 UTC".

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: Jeronaba on August 01, 2017, 05:07:55 AM

So if I understood well, I have to give the other person the message, the address, and the signature that was generated ?

Yes.

Quote from: Jeronaba on August 01, 2017, 05:07:55 AM

Is it known to pose a privacy problem to give these informations ?

Yes. By signing a message with the information eg. Jeronaba 1/8/2017, you are essentially telling them you control the address and every transaction is made by or for you. You are also giving the public key in the signature, not much in terms of privacy since it is sent during a transaction from the address as well.

Quote from: Jeronaba on August 01, 2017, 05:07:55 AM

I saw that you could sign a transaction offline. In my case, is it recommended in terms of privacy or not ?

Thank you!

It doesn't make a huge difference. The reason for signing a transaction offline is more for security. If your address is kept online, signing it offline doesn't change anything.

User365

sr. member

Activity: 434

Merit: 251

physics, mathematics and engineering

Quote from: Jeronaba on August 01, 2017, 05:07:55 AM

Hi,

I need to prove the ownership of an address with a signed message.
So if I understood well, I have to give the other person the message, the address, and the signature that was generated ?
Is it known to pose a privacy problem to give these informations ?
I saw that you could sign a transaction offline. In my case, is it recommended in terms of privacy or not ?

Thank you!

Normally it happens like this:

1) you receive a message from your opponent which you shall sign (f.e. I would give you user365 1.Aug.2017)
2) You sign it within your wallet with your btc address, therefore you need your privkey (wallet manages that automatically)
3) the signed message is sent to your opponent
4) he can verify the message with your public address

no privacy problem here as far as I am concerned

Jeronaba

newbie

Activity: 4

Merit: 0

Hi,

I need to prove the ownership of an address with a signed message.
So if I understood well, I have to give the other person the message, the address, and the signature that was generated ?
Is it known to pose a privacy problem to give these informations ?
I saw that you could sign a transaction offline. In my case, is it recommended in terms of privacy or not ?

Thank you!

Topic: Proving ownership of an address with a message (Read 544 times)