Signing messages offline / sending online

deuteragenie

newbie

Activity: 36

Merit: 0

Quote from: vh on June 29, 2017, 10:15:31 AM

It was a little hard finding a self contained message signing page. It shouldn't be.
...
If you don't want to install a full wallet, you can take this route.
...

Just installing bitcoind and running bitcoin-cli signmessagewithprivkey offline worked like a charm.
No need to download the blockchain whatsoever so this is a very fast (2 minutes install time) and secure way to generate signed messages.

Thx to all for the explanations.

vh

hero member

Activity: 699

Merit: 666

It was a little hard finding a self contained message signing page. It shouldn't be.
I cobbled a one pager together a sample based off of some js files I found from other projects.

http://mining.tipsternet.com/sign_message.html

If you don't want to install a full wallet, you can take this route.
Read through the page source and construct your own.
With existing libraries, it can be compacted down to a few lines of javascript code.

deuteragenie

newbie

Activity: 36

Merit: 0

Quote from: Sweetbtc on June 29, 2017, 12:58:18 AM

I am confused, why would you think that signing and broadcasting were linked in any way?

There are probably several reasons for why this is the case:
- Me being stupid, as I mentioned above, is a primary cause of why I would think this could be the case
- Another reason could be the confusion that exists between signing a transaction and signing a message
- And yet another one could be that the documentation is maybe lacking / unclear

I hope this helps your understanding.

Sweetbtc

hero member

Activity: 938

Merit: 503

👉bit.ly/3QXp3oh | 🔥 Ultimate Launc

I am confused, why would you think that signing and broadcasting were linked in any way? Broadcasting is broadcasting and that is the final bit . The rest is preparing the data for broadcast and the inclusion of this and that into that TX, how could you in any way confuse a single moment of the building of the TX with the sending of that data to the network?

deuteragenie

newbie

Activity: 36

Merit: 0

Aaaah! You nailed it. Stupid me was under the impression that signing was somehow linked to broadcasting the message/signed message.
But it is not the case, so my questions were not relevant indeed.
Thank you for making it clear.

I guess I will try this API then: https://bitcoin.org/en/developer-reference#signmessagewithprivkey

DannyHamilton

legendary

Activity: 3416

Merit: 4658

Quote from: deuteragenie on June 28, 2017, 08:35:59 AM

what is unclear to me is how to generate the signed message on the airgapped computer, but submit it on an online computer.

Submit it? Submit it where? I assume you mean "email it", or "text it", or "post it to a discussion forum", or something like that?

While you can sign any binary data, typically people sign text based messages. The binary signature is also typically converted to text with base64 encoding.

Since it is text, you can transfer it from the offline computer to the online computer using any method you like. Some possible examples are:

Save the text message and signature to a file on a USB
Generate a QR code from the message and signature and scan it with the online computer
Type the message carefully into the online com[puter with a keyboard
Take a picture of the message and signature

Quote from: deuteragenie on June 28, 2017, 08:35:59 AM

For that, I would need to be able to export the message/signed message on a USB key for example.
Is this possible using existing tools?

Sure. You can use the clipboard on the offline computer to copy the message and signature and paste it into your favorite text editor or word processing program.

Then, once you've got the message and signature on an online computer you can email it, or post it to a forum, or text it, or any other method you like to use for sharing text with someone.

mocacinno

legendary

Activity: 3402

Merit: 5004

https://merel.mobi => buy facemasks with BTC/LTC

Quote from: deuteragenie on June 28, 2017, 08:35:59 AM

Thank you.

I understand that I can import the private key in an (offline) tool on an airgapped computer.
However, what is unclear to me is how to generate the signed message on the airgapped computer, but submit it on an online computer.
For that, I would need to be able to export the message/signed message on a USB key for example.
Is this possible using existing tools?

I actually wrote an article on the topic with a step by step tutorial a while ago:
http://www.mocacinno.com/blog/how-to-sign-a-message-with-a-bip38-encrypted-paper-wallet/

deuteragenie

newbie

Activity: 36

Merit: 0

Thank you.

I understand that I can import the private key in an (offline) tool on an airgapped computer.
However, what is unclear to me is how to generate the signed message on the airgapped computer, but submit it on an online computer.
For that, I would need to be able to export the message/signed message on a USB key for example.
Is this possible using existing tools?

stiffbud

hero member

Activity: 980

Merit: 500

Quote from: deuteragenie on June 28, 2017, 04:21:23 AM

I have a paper wallet, and would like to sign a message (NOT a transaction!) offline, on an air-gapped computer, transfer the message and signature using a USB key to an online computer and send the message and signature online.

a) Is there a way to achieve the above?
b) Do I put my private keys in danger in any way? In particular, can I trust the digital signature algorithm to be robust? (i.e. NOT to reveal anything about the private key)
c) Do I need to pay fees to submit the message?

question was already answered by the other guy above. Besides Electrum you can use mycelium in mobile. Importing the privatekey is safe as long as you are sure that you device does not have any key stealing virus or malware in it. Signing and verifyjng the message is also free so no fee.

ranochigo

legendary

Activity: 2982

Merit: 4193

Quote from: deuteragenie on June 28, 2017, 04:21:23 AM

I have a paper wallet, and would like to sign a message (NOT a transaction!) offline, on an air-gapped computer, transfer the message and signature using a USB key to an online computer and send the message and signature online.

a) Is there a way to achieve the above?

Yes. You have to import the keys into a client like Electrum. Else, you can download the brainwallet script and only use the sign feature

Quote from: deuteragenie on June 28, 2017, 04:21:23 AM

b) Do I put my private keys in danger in any way? In particular, can I trust the digital signature algorithm to be robust? (i.e. NOT to reveal anything about the private key)

The sign message feature will not reveal anything about your Bitcoins private key if it is done correctly. I've never heard of any client leaking the private key. You wouldn't have any problems if you could verify that the Electrum build is official.

Quote from: deuteragenie on June 28, 2017, 04:21:23 AM

c) Do I need to pay fees to submit the message?

No. The message is not transferred over the blockchain. You have to manually send the whole output of the message for users to verify it.

deuteragenie

newbie

Activity: 36

Merit: 0

I have a paper wallet, and would like to sign a message (NOT a transaction!) offline, on an air-gapped computer, transfer the message and signature using a USB key to an online computer and send the message and signature online.

a) Is there a way to achieve the above?
b) Do I put my private keys in danger in any way? In particular, can I trust the digital signature algorithm to be robust? (i.e. NOT to reveal anything about the private key)
c) Do I need to pay fees to submit the message?

Topic: Signing messages offline / sending online (Read 863 times)