How signing and verifying messages on bitcoin

[Jumperman4]

So this is a very interesting aspect to me since craig has once again been caught lying.

But I dont really grasp how signing that message works. As in when i verify that message i needed the public address the signature and the messege...  but how does one decrypt it to know the message?

[freedomgo]

You can check in this thread,

https://bitcointalk.org/index.php?topic=990345.0

you see these different wallets which I copied in the thread I shared. (not sure if I was able to list all)>

Bitcoin Core version v0.10.0
Electrum v 1.9.8
MultiBit HD v 0.1
Blockchain.info
Mycelium 2.3.0 - 2.5.2 on Android Lollipop
Bither v.1.3.7.1
Ledger Wallet Bitcoin v.1.10.1
Blocktrail
Chain Query Alpha


ps. I am not familiar with all the wallets, currently I am using electrum as I find comfortable using it has a function where you can sign and verify message.

[BitMaxz]

Take note the above procedure is for legacy wallet and you can also do this on segwit addresses but you can not verify the segwit signed message with any other tool except for the same wallet you used.

Sample you make a signed message with your segwit address using Electrum and trying to verify it to other wallets it won't work. You need to verify the signed segwit messages on the same wallet as Electrum.
Unlike legacy addresses that you can verify to any different wallets.

[freedomgo]

Sample you make a signed message with your segwit address using Electrum and trying to verify it to other wallets it won't work. You need to verify the signed segwit messages on the same wallet as Electrum.
Unlike legacy addresses that you can verify to any different wallets.

Thanks for the additional input, in my case, I have 2 wallets, one for legacy and one for segwit, if I do sign a message have to use differently, depending on what type of address I need to sign. OP has to try it, it's easier when in actual practice.

[Baofeng]

[..snip..]

How about this method though, How to verify SegWit signature with Brainwallet?. The only drawback is that it make things complicated for a newbie, because you need to convert your bitcoin address to HEX and then convert it to a BitCoin Hash160 (in Hex) to a valid BitCoin address.

[BitMaxz]

[..snip..]

How about this method though, How to verify SegWit signature with Brainwallet?. The only drawback is that it make things complicated for a newbie, because you need to convert your bitcoin address to HEX and then convert it to a BitCoin Hash160 (in Hex) to a valid BitCoin address.

Well, I tried just now and it works without any issue.
Never heard this method before but it works after you convert the public key hash160 into valid bitcoin address and verify it on brainwallet it works.

I also tried them on these two sites below and both of them work
- https://tools.bitcoin.com/verify-message/
- https://tools.qz.sg/

So I guess it will also work on other "verify message" tools. I'm honestly, looking for this for many months.

[KonstantinosM]

So this is a very interesting aspect to me since craig has once again been caught lying.

But I dont really grasp how signing that message works. As in when i verify that message i needed the public address the signature and the messege...  but how does one decrypt it to know the message?

Well, the same way any private/public keypair can be used to verify that a message was generated by someone.

I think craig has taken already signed messages in the past to try and prove stuff, so you see how it can happen the other way too, with no validity.

Once I generate a message that checks out, someone can copy it. So I guess it's a good idea to be unambiguous. Like, the time is this, and if someone else uses this message after the time of for the purposes of fraud, know that it is not me sort of thing.

[ranochigo]

But I dont really grasp how signing that message works. As in when i verify that message i needed the public address the signature and the messege...  but how does one decrypt it to know the message?

The message does not have to be decrypted because signing a message doesn't encrypt anything. Bitcoin uses ECDSA as a message signing mechanism. The way ECDSA works allows the user to sign a message using their private key and others to use the corresponding public key to validate it. This works the same way as how a signature in a transaction works.

To sign a transaction, the user will utilise their private key to sign a message to produce a string of characters.

When a user validates the message, the script will use the signature and message to calculate the possible public key(s) that could be associated with it. Given the signature and the public key, the script can then validate it with message. If the address given and the message is correct for the given signature and derived public key, the program would confirm it.

If the message corresponds, you can assume that the person signed it with his private key and he has access to it.