Message signing and transaction signing

If you ever need to prove that you are the owner of a certain wallet address, you can do so using a process called message signing. Message signing is a fundamental part of Bitcoin and some other cryptocurrencies, giving holders the ability to confirm that they have access to the funds held in a certain container without actually having to move any of those funds.

In this AAG Academy guide, we’ll look at what message signing is, how it works, and how a signed message can be verified. We’ll also look at the difference between message signing and transaction signing.

What is message signing/transaction signing?

Many cryptocurrencies, including Bitcoin, operate on a decentralized blockchain that is completely open and transparent to the public. That means it is possible for anyone to view the balance of any wallet, simply by looking up its address. Of course, only the holder of the private key to that wallet can move any of the funds inside it, but anyone can see those funds.

To prove that you are the owner of a wallet, you might assume that you would have to transfer some of your funds to someone else, thereby confirming you have the power to access those funds. But thanks to a process called message signing, which is available from Bitcoin and some other cryptocurrencies, there’s no need for your BTC to go anywhere.

Message signing allows you to generate a short, cryptographic message using the private key that protects your wallet. It is similar to verifying your debit card by entering the security code printed on its back; only you have access to this code, and without it, you cannot prove you are the card holder — or that you have access to the funds the account holds.

It’s also possible to use message signing to sign a transaction — and to prove that the transaction is genuine — which is commonly referred to as transaction signing.

Why do we need message signing?

Not only do secure messages make wallet addresses verifiable, but they have some other useful functions. For instance, Bitcoin holders sometimes use message signing to claim hard-forked coins. When a new hard fork of Bitcoin is launched, existing BTC holders can claim some of those coins, the amount of which is determined by how much BTC they hold.

In the past, some Bitcoin holders have been duped into handing over their private key in order to “prove” they hold BTC before new hard-forked coins are issued. This is a scam and you should never share your private key with anyone. Message signing provides another way of confirming BTC ownership — without having to worry about someone emptying your wallet.

Message signing is also used to configure MultiSig wallets, which require users to verify that their wallet address is correct when they sign up. These wallets require multiple parties to sign off on a transaction (hence the name MultiSig), and if one member of the party gets their wallet address wrong, it can mean funds are locked up and cannot be recovered.

Message signing helps prevent that from happening by ensuring that those who set up MultiSig wallets are indeed entering the correct wallet address during the setup process.

How does signing a message work?

A signed message consists of three key features:

1. A signed message
2. An address
3. A signature

The signed message is essentially the complete piece of text, while the address is the wallet address you are verifying. The signature is one of the most important pieces of the text; this confirms that the signed message has been sent by an identifiable party without actually revealing that party’s private keys — which would provide access to their funds.

Here’s an example of a signed message:

—–BEGIN BITCOIN SIGNED MESSAGE—–

Test message

—–BEGIN SIGNATURE—–

1BqtNgMrDXnCek3cdDVSer4BK7knNTDTSR

ILoOBJK9kVKsdUOnJPPoDtrDtRSQw2pyMo+2r5bdUlNkSLDZLqMs8h9mfDm/alZo3DK6rKvTO0xRPrl6DPDpEik=

—–END BITCOIN SIGNED MESSAGE—–

You may notice that each part of the message has a header with five ASCII dashes both before and after it, while each component is displayed on its own line. This helps ensure the signature is easily readable, not only by a user, but also by software.

How to sign a message

To sign a message, you simply need a wallet app that supports message signing. You can then look for the message signing function within that app, which will generate your signed message for you. It should also give you the option to enter a custom message if you need to, which is then combined with your signature, as shown in the example above.

There are also some online services that you can use to generate signed messages, but you should be very careful about which ones you use. You will need to link your wallet to use these, so you have to be sure that the service is trusted and genuine. Scammers have been known to create fake message generators that steal your crypto once they have access.

Some safe and trusted sites include MyCrypto.com and Etherscan. Some of the wallets that support message signing include Bitcoin Core, Electrum, and Ledger.

How do you verify a signed message?

Verifying a signed message is simple; you can simply paste it into a trusted online tool. Bitcoin.com has a great verification tool for Bitcoin signed messages, while Etherscan is perfect for Ethereum. LitecoinPool.org can verify signed messages for Litecoin users.

If the cryptocurrency you’re using isn’t listed here, simply search for the currency followed by “verify signed message” to find the right tool for you. Again, we recommend looking out for trusted sites, but there is less risk here because there is no need to connect your cryptocurrency wallet for this; you simply have to paste in the signed message.

References

• How to sign a message with bitcoin sign message
• Message signing
• How can i sign a message
• Sign Message – How to sign a message with a Bitcoin, Litecoin Address