Staking an address requires you to understand what
exactly you're doing, especially if you're a newbie. Also,
Signatures and their capabilities are complicated.
That's why I decided to create this thread; to make things less complicated for newbies and to make them know what they're doing. If you're a newbie, you probably know approximately
why you should stake your address and
how (with what softwares). I'll focus on how to stake it properly using your common sense.
Staking.When you stake an address, you do it so that if you ever needed to prove your account's ownership, you can do so. The problem is that most of the times, people operate completely mechanically, as a result to not know what exactly they're doing. If you've never staked an address before, you simply go to the
proper thread and leave your address that was generated from your non-custodial wallet, just like that:
This is my address, please quote it: bc1q0fc0e3e0zpve6qg2fw2tfxwnvsw5p4kae3u2yx
There's no need to provide a signed message from that address, because we know that
at the moment, the owner of the account staked their first address. It is obviously theirs whether they sign a message or not.
It is advisable to use a unique address, especially one that has never received Bitcoins. You can do it, though, but it'll harm your privacy. It is better if you simply pick an address that has no connection with your transactions.
Signing.When you'll have to provide a proof of the ownership, you'll sign and publish a message. [
this is how] [
this is why]
-----BEGIN BITCOIN SIGNED MESSAGE-----
I am BlackHatCoiner. Today is 08/11/2021 (15:01). This is a proof that I still own bc1q0fc0e3e0zpve6qg2fw2tfxwnvsw5p4kae3u2yx.
-----BEGIN SIGNATURE-----
bc1q0fc0e3e0zpve6qg2fw2tfxwnvsw5p4kae3u2yx
Hyi7C7hHSBN3cVV0Q3NF7poPFox49Zehs0z2WRWEV1x/ZdJUpcGWT5UUhWZylZ3SNFn0DU6ITNZgqu0goqY2C8s=
-----END BITCOIN SIGNED MESSAGE-----
If you want to stake another address, you'll have to sign a message from your old address and include your new address within it:
-----BEGIN BITCOIN SIGNED MESSAGE-----
I am BlackHatCoiner. Today is 08/11/2021 (15:01). My new signing address is bc1q2mxckeclkndcu68m5v7qhf6guwakn6en96s2mc.
-----BEGIN SIGNATURE-----
bc1q0fc0e3e0zpve6qg2fw2tfxwnvsw5p4kae3u2yx
IChf1za07r3UTa2CGlU4mVpQaHlVAK3N8yK3ViASvfbtbstLNX60TSfFml+9VAR4czTMP9Y8+yyDkB+XwZmPRlM=
-----END BITCOIN SIGNED MESSAGE-----
Note that there's
absolutely no reason to sign a message from the new address, for the same reason you didn't have to do it for your first address. We know that at the moment, you've signed a message from your old address,
thus we conclude that indeed it's you, and you choose to stake another address.
This could happen for lots of reasons. One may be due to the fear of the old's compromisation. If that's the case, you'll have to state in your signed message that the owner of the account is only the one who'll provide a signature from the new address and
not from the old one.
Quoting and Verifying.Now that's an optional step, only for those who want to help on the quotation and verification of the
thread's addresses.
Some users may choose to stake an address along with a signed message for the first time, if they feel that staking
just the address isn't enough (although I explained above why it is sufficient). If the user stakes a signed message, you ought to verify it.
IF the message can't be verified, then the user hasn't provide a valid signature. In that case, you'll respond them that they did something wrong during the procedure and by “respond” I mean that you'll quote the whole message just in case they edit their post. If that's the first time they tried to stake an address, then that's fine. They'll learn. If they had previously staked an address and want to stake another one, but can't provide you a valid signed message from the previous address, then the situation becomes suspicious.
If they successfully achieve to provide you a signed message that looks like this:
-----BEGIN BITCOIN SIGNED MESSAGE-----
I am BlackHatCoiner.
-----BEGIN SIGNATURE-----
bc1q0fc0e3e0zpve6qg2fw2tfxwnvsw5p4kae3u2yx
H1kZ1IEa3WY1LOjsyj/5rWE1bjS7dzWXaPDsXFqK3zSUcYJvAcjAxGzZn+UDoIU7sDu+nTS+i4QF4eH4fXYnVzA=
-----END BITCOIN SIGNED MESSAGE-----
You will deny it and ask for one that couldn't have been signed before. In order to ensure that the original owner hadn't signed the asked message (that a hacker could have taken from him), you'll need to ask them politely to provide you one extra thing; time. If they post a message that contains time too, then we can confirm the account's ownership.
As for your post that quotes the signed message: It is unnecessary to provide a link that redirects the reader to a website/image that confirms the message's verification. The only necessary part is to quote it so that the readers can confirm that the account hasn't been compromised and the original message is the same. There are also some well-intentioned users who created websites that archive every post that is made. [
loyce.club,
ninjastic.space]
If you think that I'm somewhere wrong or that I haven't included something important please tell me.
