Title: JSON RPC PHP + blockchain.info + verifymessage Post by: dexX7 on September 19, 2013, 01:52:44 AM Hi all,
I'm trying to find out how to verify a message and I'm using the jsonRPCClient combined with blockchain.info. While other stuff works like a charm, I'm unable to verify a message and the result is always false. This is the code I'm using: Code: <?php Any hint is appreciated as well as other solutions. Thanks! P.S.: it's a dummy account, don't even try.. ;) Edit: actually it would be very sufficient, if I'd have a function like verify($message, $signature) -> address. Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: nahtnam on September 19, 2013, 04:38:38 AM Well I have never used the rpc api, but in coinbase, instead of validating the address, I just try to send a payment, and catch the exception (if any)...
Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: dexX7 on September 19, 2013, 09:10:06 AM Well I have never used the rpc api, but in coinbase, instead of validating the address, I just try to send a payment, and catch the exception (if any)... Hi nahtnam, thanks for the answer! Actually I don't want to validate an address, but I'd like to know which address belongs to "known message" + "input signature". Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: nahtnam on September 19, 2013, 03:55:10 PM Well I have never used the rpc api, but in coinbase, instead of validating the address, I just try to send a payment, and catch the exception (if any)... Hi nahtnam, thanks for the answer! Actually I don't want to validate an address, but I'd like to know which address belongs to "known message" + "input signature". Sorry I don't know what that means... :P Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: bardi.harborow on September 19, 2013, 10:14:32 PM Am I the only one who logged in to his blockchain.info account instantly? :)
Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: dexX7 on September 20, 2013, 09:07:52 PM Am I the only one who logged in to his blockchain.info account instantly? :) Not a big deal. Feel free to do so. ;) Sorry I don't know what that means... :P If you take a look at http://brainwallet.org/#verify for example, you enter a message and a signature and the result is a Bitcoin address. I'm looking for something similar and $rpc->verifymessage($address, $signature, $message); is the closest thing I've found, though it doesn't work as mentioned above. Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: nahtnam on September 20, 2013, 09:13:12 PM Am I the only one who logged in to his blockchain.info account instantly? :) Not a big deal. Feel free to do so. ;) Sorry I don't know what that means... :P If you take a look at http://brainwallet.org/#verify for example, you enter a message and a signature and the result is a Bitcoin address. I'm looking for something similar and $rpc->verifymessage($address, $signature, $message); is the closest thing I've found, though it doesn't work as mentioned above. I still don't get the point of that... Can you please give me a real life application? Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: dexX7 on September 23, 2013, 06:06:06 AM I still don't get the point of that... Can you please give me a real life application? Sure. One keyword: user authentication. :) Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: nahtnam on September 23, 2013, 01:51:44 PM I still don't get the point of that... Can you please give me a real life application? Sure. One keyword: user authentication. :) Like what? You mean like to check if one person really owns a address? Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: dexX7 on September 24, 2013, 03:14:03 PM Like what? You mean like to check if one person really owns a address? Sorry to be vague. I'd use it as substitute for a login mechanism. Instead of a combination of username and password where the username is the internal identifier, I'd use solely a BTC address. For the login a random one-time-challenge string is shown to the user and he or she is asked to sign this string. Example: System: "Please sign the following message: login2113njsdfku3h24" User answers with: G42O9cr+bwzfH71zfmFjIy/UmuQhVOxmqm5HgBglHMK/ceKCKBWSmLLd9sz8ZXpJxtAN0xwbyLyCwRjuUiQ7i/c= The system verifies the signature and maps it to address: 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL This address can then be used to recognize the user like the username before. Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: nahtnam on September 24, 2013, 03:46:29 PM Like what? You mean like to check if one person really owns a address? Sorry to be vague. I'd use it as substitute for a login mechanism. Instead of a combination of username and password where the username is the internal identifier, I'd use solely a BTC address. For the login a random one-time-challenge string is shown to the user and he or she is asked to sign this string. Example: System: "Please sign the following message: login2113njsdfku3h24" User answers with: G42O9cr+bwzfH71zfmFjIy/UmuQhVOxmqm5HgBglHMK/ceKCKBWSmLLd9sz8ZXpJxtAN0xwbyLyCwRjuUiQ7i/c= The system verifies the signature and maps it to address: 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL This address can then be used to recognize the user like the username before. Oh well sorry I can't help you, since I don't know how to use the json rpc and had never heard of a signed message before... Is it like entering a random string in the public note section? Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: dexX7 on September 24, 2013, 05:53:50 PM Oh well sorry I can't help you, since I don't know how to use the json rpc and had never heard of a signed message before... Is it like entering a random string in the public note section? You never heard about signed messages? Shame on you.. ;D It's a great way to proof ownership of an address. For example, I claim I do own 1KqNPuC8egqxLdPVksjmSgC4zTdNysrz9p and I'm able to demonstrate this by signing a message. Code: Message: Hi, this is dexX7 and I own address 1KqNPuC8egqxLdPVksjmSgC4zTdNysrz9p. Now head over to http://brainwallet.org/#verify and try to see, if it is legit. :) The standard Bitcoin QT client has this feature, too. See: http://imgur.com/a/nUmZ0 Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: dalek on September 24, 2013, 06:54:54 PM Blockchain's RPC interface/server has a tendency to go down for several days at a time, as it just did recently. Verifying a message doesn't require the blockchain, so look into offline solutions, like from this thread: https://bitcointalk.org/index.php?topic=222992.0
Title: Re: JSON RPC PHP + blockchain.info + verifymessage Post by: jimbursch on March 31, 2014, 07:16:49 PM I am having the same problem that was originally posted here -- getting an incorrect false return on verifymessage().
$address = '1B8QAtcpBkL3jtfeMvfLiz8hnPi2U1KCyf'; $signature = 'HP1aJ5Pnx9WMrFOl9U76u5ZMkjnhqW+cxcIqAnGg1f6JhKX0jKChZnV94ewXnBNb0wA+3sIJdtszALPw8EbcXOc='; $message = 'test'; $rpc->verifymessage($address, $signature, $message); this returns bool(false) I'm using the api described here: https://blockchain.info/api/json_rpc_api Method: verifymessage Parameters: (String bitcoinaddress, String signature, String message) Description: Verifies the signature and message matches the bitcoin address provided (See signmessage) Returns: Boolean |