Bitcoin Forum
November 16, 2018, 09:43:10 PM *
News: Latest Bitcoin Core release: 0.17.0 [Torrent].
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Certified/signed private messages  (Read 1131 times)
EcuaMobi
Legendary
*
Offline Offline

Activity: 1596
Merit: 1190


https://Ecua.Mobi


View Profile WWW
June 27, 2015, 03:10:11 PM
 #1

Sometimes it's necessary to prove a PM was received or sent. This can be useful for a scam accusation to prove a deal was made or a specific address was given. It can also be useful to prove an address was sent and -along with a message signed with that address- prove ownership of an account. Also to prove a threat or a blackmail/extortion attempt. At the moment people just take screenshots or quote the PMs but there's no way to prove that wasn't edited. Currently the closest to achieve that is to grant a trusted member access to one's account.

A simple method to solve this would be to have an official BTC address and/or GPG certificate. The private key would be on the server as protected as possible. The public key would be published on the site. Under request anyone can acquire the signature of a sent or received PM to prove authenticity. The process would be 100% automatic.

There would be a risk if the server is compromised but probably in that case fake signed messages wouldn't be the biggest of our concerns anyway. I've been thinking about a way to remove or reduce this risk but the only other way would be for an admin to do it manually offline. That would be way to much work.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1542404590
Hero Member
*
Offline Offline

Posts: 1542404590

View Profile Personal Message (Offline)

Ignore
1542404590
Reply with quote  #2

1542404590
Report to moderator
1542404590
Hero Member
*
Offline Offline

Posts: 1542404590

View Profile Personal Message (Offline)

Ignore
1542404590
Reply with quote  #2

1542404590
Report to moderator
devnull2
Newbie
*
Offline Offline

Activity: 4
Merit: 0


View Profile
June 27, 2015, 03:23:14 PM
 #2

Thats a nice idea.
Muhammed Zakir
Hero Member
*****
Offline Offline

Activity: 560
Merit: 504


I prefer Zakir over Muhammed when mentioning me!


View Profile WWW
June 27, 2015, 03:47:48 PM
 #3

I like this idea.

-snip-
Under request anyone can acquire the signature of a sent or received PM to prove authenticity. The process would be 100% automatic.
 -snip-

I think a better way would be to have a button-like on every PM. Sender/receiver can click it and the signature associated with that message will be shown. The way you suggested, assuming it is automatic, may cause high server loads.

dserrano5
Legendary
*
Offline Offline

Activity: 1876
Merit: 1001



View Profile
June 27, 2015, 06:28:38 PM
 #4

Sometimes it's necessary to prove a PM was received or sent. This can be useful for a scam accusation to prove a deal was made or a specific address was given. It can also be useful to prove an address was sent and -along with a message signed with that address- prove ownership of an account. Also to prove a threat or a blackmail/extortion attempt. At the moment people just take screenshots or quote the PMs but there's no way to prove that wasn't edited.

Could TLSnotary solve it?

EcuaMobi
Legendary
*
Offline Offline

Activity: 1596
Merit: 1190


https://Ecua.Mobi


View Profile WWW
June 28, 2015, 04:27:14 AM
 #5

Sometimes it's necessary to prove a PM was received or sent. This can be useful for a scam accusation to prove a deal was made or a specific address was given. It can also be useful to prove an address was sent and -along with a message signed with that address- prove ownership of an account. Also to prove a threat or a blackmail/extortion attempt. At the moment people just take screenshots or quote the PMs but there's no way to prove that wasn't edited.

Could TLSnotary solve it?

Thanks. I didn't know about that. Yes that will certainly help! I'd still prefer a built-in method though, something that's easier and faster to generate and everyone here know about.

grue
Legendary
*
Offline Offline

Activity: 2058
Merit: 1140



View Profile
June 28, 2015, 05:33:26 AM
 #6

Sometimes it's necessary to prove a PM was received or sent. This can be useful for a scam accusation to prove a deal was made or a specific address was given. It can also be useful to prove an address was sent and -along with a message signed with that address- prove ownership of an account. Also to prove a threat or a blackmail/extortion attempt. At the moment people just take screenshots or quote the PMs but there's no way to prove that wasn't edited. Currently the closest to achieve that is to grant a trusted member access to one's account.
No, you can also report the PM to a global moderator/admin.

It is pitch black. You are likely to be eaten by a grue.

Adblock for annoying signature ads | Enhanced Merit UI
EcuaMobi
Legendary
*
Offline Offline

Activity: 1596
Merit: 1190


https://Ecua.Mobi


View Profile WWW
June 28, 2015, 02:46:02 PM
 #7

Sometimes it's necessary to prove a PM was received or sent. This can be useful for a scam accusation to prove a deal was made or a specific address was given. It can also be useful to prove an address was sent and -along with a message signed with that address- prove ownership of an account. Also to prove a threat or a blackmail/extortion attempt. At the moment people just take screenshots or quote the PMs but there's no way to prove that wasn't edited. Currently the closest to achieve that is to grant a trusted member access to one's account.
No, you can also report the PM to a global moderator/admin.

Scams are not moderated so that wouldn't help on most of the scenarios I listed. In a scam accusation normally what's needed is a proof that the published PM was not edited.

BadBear
v2.0
Legendary
*
Offline Offline

Activity: 1652
Merit: 1005



View Profile WWW
June 28, 2015, 03:03:10 PM
 #8

Yes, scams aren't moderated but global mods and admins can still see reported pm's and verify the quote or screenshot is legitimate. There's nothing wrong with the suggestions, but to say the only way is to allow a trusted member to log into your account isn't true.

1Kz25jm6pjNTaz8bFezEYUeBYfEtpjuKRG | PGP: B5797C4F

Tired of annoying signature ads? Ad block for signatures
Quickseller
Copper Member
Legendary
*
Offline Offline

Activity: 1596
Merit: 1206

in 2 min-groin injury, dildo on field, & 6-9 score


View Profile WWW
June 28, 2015, 03:12:02 PM
 #9

You can't report any sent PMs. If a sent PM is not quoted in the reply, or if it is quoted incorrectly then a good amount of information may be left out.

edit: Maybe it would be a good idea to allow messages in the outbox be reported to an admin/global mod (as well as the ability to search the outbox)

3PjXm2XYDKLV5mN3oiKzNTyVvSkqP3ujeq <-- tipping address Advertise here
Muhammed Zakir
Hero Member
*****
Offline Offline

Activity: 560
Merit: 504


I prefer Zakir over Muhammed when mentioning me!


View Profile WWW
July 02, 2015, 11:59:01 AM
 #10

Sometimes it's necessary to prove a PM was received or sent. This can be useful for a scam accusation to prove a deal was made or a specific address was given. It can also be useful to prove an address was sent and -along with a message signed with that address- prove ownership of an account. Also to prove a threat or a blackmail/extortion attempt. At the moment people just take screenshots or quote the PMs but there's no way to prove that wasn't edited.

Could TLSnotary solve it?

I was unable to sign Bitcointalk.org page. Huh

PageSigner error

This website cannot be audited by PageSigner because it presented an untrusted certificate

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!