|
Title: Signed message by me: IMPORTANT! Post by: Stedsm on January 18, 2018, 01:42:32 PM Friends,
I've recently used my private key being online over a website named segwitaddress.org Though, it's not a phishing site by any means (as it's an open-source project and is in the list of supporting entities of SegWit), I believe that my address 19RidcN96xgXkWi8gDwxcmbjjdjfrxpxvv has been compromised and that, I think that someone might misuse the information (private key) to sign message and/or hack my account here. So, I am signing a message with that address with something important: Code: -----BEGIN BITCOIN SIGNED MESSAGE----- Title: Re: Signed message by me: IMPORTANT! Post by: ibminer on January 18, 2018, 04:08:40 PM Friends, I've recently used my private key being online over a website named segwitaddress.org Though, it's not a phishing site by any means (as it's an open-source project and is in the list of supporting entities of SegWit), I believe that my address 19RidcN96xgXkWi8gDwxcmbjjdjfrxpxvv has been compromised and that, I think that someone might misuse the information (private key) to sign message and/or hack my account here. So, I am signing a message with that address with something important: Code: -----BEGIN BITCOIN SIGNED MESSAGE----- Message verified. However, if your private key is compromised, I wouldn't really know if it's actually you signing this message and not the person who may have your private key. I guess I can accept the fact that the password hasn't been changed on your bitcointalk account yet as reasonable logic that your account is probably not compromised, but if you really think your private key is compromised, you may want to move to a new wallet and sign a message showing your prior address & new address of your new wallet. I'm curious if you used the offline options of this website or not? The site is created by coinableS (https://bitcointalk.org/index.php?action=profile;u=359727) and the code looks legitimate so far but I haven't been through all of the JS. I'd still never put my private key on a website, and would take every precaution (at least shut off internet access) if attempting to use the "offline" version. A good general rule to follow: Never enter your private key on a website Title: Re: Signed message by me: IMPORTANT! Post by: Stedsm on January 18, 2018, 05:53:19 PM Code: -----BEGIN BITCOIN SIGNED MESSAGE----- Use Electrum to successfully verify it, as I've signed it through an Electrum wallet. Hope this helps. :) Title: Re: Signed message by me: IMPORTANT! Post by: marlboroza on January 18, 2018, 07:01:58 PM However, if your private key is compromised, I wouldn't really know if it's actually you signing this message and not the person who may have your private key. True but:but if you really think your private key is compromised, you may want to move to a new wallet and sign a message showing your prior address & new address of your new wallet. Hm, how is that going to prove anything? Can you sign message from one of these: Code: 13CZj5mHbrh3mAyjBZ3yCfKKeFUsfsrDC9 Or better, can you sign message from here: Code: 0x8AdD01DABcDFAD3a64A2e2EAf25D4bd1d97af301 Title: Re: Signed message by me: IMPORTANT! Post by: Stedsm on January 18, 2018, 07:25:07 PM However, if your private key is compromised, I wouldn't really know if it's actually you signing this message and not the person who may have your private key. True but:but if you really think your private key is compromised, you may want to move to a new wallet and sign a message showing your prior address & new address of your new wallet. Hm, how is that going to prove anything? Can you sign message from one of these: Code: 13CZj5mHbrh3mAyjBZ3yCfKKeFUsfsrDC9 Or better, can you sign message from here: Code: 0x8AdD01DABcDFAD3a64A2e2EAf25D4bd1d97af301 Those were my elder brother's addresses, not mine. Mine is 0x3599645090EFC014A5963E53906E98D38a51dEb0, check the given link below: https://bitcointalk.org/index.php?topic=2047474.msg20505791#msg20505791 Code: {Hope I won't need anything more to prove that it's still me. ;) Title: Re: Signed message by me: IMPORTANT! Post by: marlboroza on January 18, 2018, 08:38:16 PM Those were my elder brother's addresses, not mine. You said your address has been compromised and that address is part of your elder's brother wallet https://www.walletexplorer.com/wallet/2000677ee99cbe15/addresses so I thought it would be OK to sign message from address which is part of that wallet. Code: {Title: Re: Signed message by me: IMPORTANT! Post by: ibminer on January 18, 2018, 09:44:39 PM However, if your private key is compromised, I wouldn't really know if it's actually you signing this message and not the person who may have your private key. True but:but if you really think your private key is compromised, you may want to move to a new wallet and sign a message showing your prior address & new address of your new wallet. Hm, how is that going to prove anything? Not proving anything, that 2nd piece was more advice on moving to a new private key and then signing a message here to show the move to others... under the assumption that his account here has not been compromised. It would at least show the move to a new wallet and could possibly be used later if his account somehow gets compromised, or handed over to someone claiming the account is hacked and claims to be the original account owner by signing a message using the old wallet. One would still have to accept that the owner of the account, as of right now, is the original owner, in order to accept the signed message as a move to a new wallet/key. |