Bitcoin Forum

Hello
In the sign/verify messages window of the official bitcoin wallet there are some sentences that i do not quite understand.
"Be careful not to sign anything vague, as phishing attacks may try to trick you into signing your identity over to them."
"Be careful not to read more into the signature than what is in the signed message itself, to avoid being tricked by a man-in-the-middle attack."
I don't get these warnings. Could anyone clarify?
Thanks

Signing means you own the address associated with it.

If someone wanted to pretend to be the owner of an address they could ask you to sign some random text or message to verify you. They then go and show another person the message. That's why it warns about being vague. Sign the messages with names, and details, so that other people can't then foreward it to someone else claiming they created the message.

I think i get it. If someone asks me to sign a message instead of just sending a message like [message] i should add something like [Form the desk of chriscross (and other identifiable details)]? Right?
The second warning i still don't get...

I think what he means is try to include details like, time and date payment was sent or details about what the payment is for.

However, i still do not fully understand the concept of this signing/verifying messages.

Say I send someone .32 BTC for 2 Eruptors listed from a group buy. The seller received my BTC as well as 35 other payments at around the same time and a lot of them are identical payments (.32BTC) as mine. Signing a message would tie my name to an address for the seller to create a "receipt" or at the least visually confirm that he is sending the items to the person that paid for them. Is this correct?

If I do not sign the message on my own, would the seller be able to request a signature message?

Please correct me if I am wrong but isn't one of the main reasons to use BTC is because of anonymity and the inability for purchases/payments to be tracked/hacked/duplicated? So isn't signing messages, attaching your name to the account and destroying your anonymity?

I'm sure it doesn't put a permanent name on the account but it creates some sort of "paper" trail for some1 to eventually figure out this address goes to this person?

Or is that the reason people recommend creating a new address for each purchase?

If it's not obvious I am still extremely new to BTC trading/purchases and have still not made a purchase with my wallets as I am still very unsure how the process is supposed to go and how to prove I paid if I don't get an item.

Thank you very much for your time, help and advice! It's all greatly appreciated!

Pretty much this

Not sure why you want to do this anywways, unless you are a bigshot like John etc

I am only getting more confused now...=/