For those who need it: Quickly sign a message with your private key in browser

[Evil-Knievel]

If anyone of you needs to quickly sign a message without having the core client handy, feel free to use https://ordinarydude.github.io/offline-bitcoin-signer/.
The source code can be found at: https://github.com/OrdinaryDude/offline-bitcoin-signer

Disclaimer: Use at own risk! The software is using the bitcore nodejs module which I am not responsible for and which is too complex for me to verify in terms of security. The paranoid download the code and run it on a computer that never touches the internet!

[jak3]

thanks for this project its really very helpful and will save much time by the way are you sure that people will sign messages with there private keys i thought we do it with public keys

[Evil-Knievel]

thanks for this project its really very helpful and will save much time by the way are you sure that people will sign messages with there private keys i thought we do it with public keys

No, you have to sign with the private key. The public key is available to the public when you have at least one outgoing transaction and can be viewed on any block explorer. If we could sign messages with public keys only, I could easily sign messages in your name  
But you can verify a signature with the public key!

[CoinLearn]

If anyone of you needs to quickly sign a message without having the core client handy, feel free to use https://ordinarydude.github.io/offline-bitcoin-signer/.
The source code can be found at: https://github.com/OrdinaryDude/offline-bitcoin-signer

Fantastic work! It would be great if u added a JS based signed message verifier as well.

[n691309]

If anyone of you needs to quickly sign a message without having the core client handy, feel free to use https://ordinarydude.github.io/offline-bitcoin-signer/.
The source code can be found at: https://github.com/OrdinaryDude/offline-bitcoin-signer

Disclaimer: Use at own risk! The software is using the bitcore nodejs module which I am not responsible for and which is too complex for me to verify in terms of security. The paranoid download the code and run it on a computer that never touches the internet!

Everything works perfect except one thing, why I can't copy the signature code? People can use this website to sign a message and then copy to send or post somewhere. It would be good if you can modify it and let people copy the entire signed message like this one http://wallet-2sx53n.sakurity.com/#sign

[Evil-Knievel]

If anyone of you needs to quickly sign a message without having the core client handy, feel free to use https://ordinarydude.github.io/offline-bitcoin-signer/.
The source code can be found at: https://github.com/OrdinaryDude/offline-bitcoin-signer

Disclaimer: Use at own risk! The software is using the bitcore nodejs module which I am not responsible for and which is too complex for me to verify in terms of security. The paranoid download the code and run it on a computer that never touches the internet!

Everything works perfect except one thing, why I can't copy the signature code? People can use this website to sign a message and then copy to send or post somewhere. It would be good if you can modify it and let people copy the entire signed message like this one http://wallet-2sx53n.sakurity.com/#sign

Good catch! Fixed!
I will make a js version tomorrow!

[n691309]

If anyone of you needs to quickly sign a message without having the core client handy, feel free to use https://ordinarydude.github.io/offline-bitcoin-signer/.
The source code can be found at: https://github.com/OrdinaryDude/offline-bitcoin-signer

Disclaimer: Use at own risk! The software is using the bitcore nodejs module which I am not responsible for and which is too complex for me to verify in terms of security. The paranoid download the code and run it on a computer that never touches the internet!

Everything works perfect except one thing, why I can't copy the signature code? People can use this website to sign a message and then copy to send or post somewhere. It would be good if you can modify it and let people copy the entire signed message like this one http://wallet-2sx53n.sakurity.com/#sign

Good catch! Fixed!
I will make a js version tomorrow!

Good that you hear my advice, and I see that now it is fixed and working. What do you think to make a field that will generate the complete signed message format like this one :

Code:

-----BEGIN BITCOIN SIGNED MESSAGE-----
[This is an example of a signed message.]
-----BEGIN SIGNATURE-----
[Btc Address]
[Signature]
-----END BITCOIN SIGNED MESSAGE-----

[Lanzador]

This is friggin awesome. There are so many times I need to sign messages while I'm at work, but we can't run .exe files here, so a full node or even just a wallet is out of the question - this solves so many problems!

[Evil-Knievel]

This is friggin awesome. There are so many times I need to sign messages while I'm at work, but we can't run .exe files here, so a full node or even just a wallet is out of the question - this solves so many problems!

Thanks for the nice feedback 

[DannyHamilton]

- snip -
Disclaimer: Use at own risk! The software is using the bitcore nodejs module which I am not responsible for and which is too complex for me to verify in terms of security. The paranoid download the code and run it on a computer that never touches the internet!
- snip -

An additional but important warning...

I have not yet reviewed this code, but IF there is a bug in the code (or introduced into the bitcore nodejs module) that re-uses k values, then running this on a computer that never touches the internet will not protect you.  It will be possible to calculate your private key from the combination of 2 signatures.

[Evil-Knievel]

I have not yet reviewed this code, but IF there is a bug in the code (or introduced into the bitcore nodejs module) that re-uses k values, then running this on a computer that never touches the internet will not protect you.  It will be possible to calculate your private key from the combination of 2 signatures.

I appreciate your very kind offer to carefully review the code. I understand that such processes take their time, so that it was not "yet" possible.
To give everyone else the chance here to have a look at the code themselves as well, here it is

var dumbsign = function(wif,msg){
   var privateKey = bitcore.PrivateKey.fromWIF(wif);
   var signature = Message(msg).sign(privateKey);
   return signature;
}

Yes, that was the entire (relevant) code! Any "bug reports", improvement suggestions or reimplementations are welcome  

[DannyHamilton]

I have not yet reviewed this code, but IF there is a bug in the code (or introduced into the bitcore nodejs module) that re-uses k values, then running this on a computer that never touches the internet will not protect you.  It will be possible to calculate your private key from the combination of 2 signatures.

I appreciate your very kind offer to carefully review the code. I understand that such processes take their time, so that it was not "yet" possible.
To give everyone else the chance here to have a look at the code themselves as well, here it is

var dumbsign = function(wif,msg){
   var privateKey = bitcore.PrivateKey.fromWIF(wif);
   var signature = Message(msg).sign(privateKey);
   return signature;
}

Any "bug reports", improvement suggestions or reimplementations are welcome  

I saw that you included the github link and I was going to take a look tonight.  Hadn't even clicked on it yet.

I wasn't aware that it was so short, or else I may have taken a look right away. 

The main concern here that people will want to be aware of is that running something "on a computer that never touches the internet" is not helpful if the signature calculation re-uses a k value.  I would hope the bitcore nodejs module won't have such a problem, but bugs happen and mistakes (and malicious behavior) happen.

If people are going to re-use bitcoin addresses, generating multiple signatures with them, then they should be aware that they can leak their private key without ever letting the private key touch an internet connected computer.  Wouldn't want anyone to develop a false sense of security now, would we?

[Evil-Knievel]

The main concern here that people will want to be aware of is that running something "on a computer that never touches the internet" is not helpful if the signature calculation re-uses a k value.  I would hope the bitcore nodejs module won't have such a problem, but bugs happen and mistakes (and malicious behavior) happen.

If people are going to re-use bitcoin addresses, generating multiple signatures with them, then they should be aware that they can leak their private key without ever letting the private key touch an internet connected computer.  Wouldn't want anyone to develop a false sense of security now, would we?

I thought we were away from using random numbers to chose the k-values for a long time already. When I sign a message, the signature is always the same no matter how ofter I sign it. Seems that Bitcore uses (correctly) a deterministic signing scheme which is based on the message (or better, the pseudorandomness derived from its cryptographic hash) itself. But that again means, that it is impossible that two different signatures use the same r-value (lets ignore the unlikely case of hash collisions for now)? Am I correct?

I mean we could have a deeper look into Bitcore of course. If in doubt, I would always decide for a deeper investigation!

[DannyHamilton]

I thought we were away from using random numbers to chose the k-values for a long time already.

And I thought we were away from people using bitcoin addresses more than once.

Yet somehow people and programs continue to do things that that are are advised against by the experts.

I suspect your program is fine. There probably aren't many (any?) realistic situations where Bitcore would re-use a k value.  But for the ultra-paranoid:

Don't sign anything using a private key that is associated with any address that is currently or ever in the future will be associated with any bitcoins, don't use a private key or an address more than once.