Bitcoin Forum
January 21, 2019, 06:41:40 AM *
News: Latest Bitcoin Core release: 0.17.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Your Public Key is Your Identity  (Read 183 times)
butka
Full Member
***
Offline Offline

Activity: 280
Merit: 172


View Profile
August 02, 2018, 12:15:36 PM
Last edit: September 10, 2018, 04:33:33 PM by butka
 #1

This post is inspired by a chapter from the book "Bitcoin and Cryptocurrency Technologies", called "Public Keys as Identities".

In essence, the authors state that, the closest thing you can have to "identity" in the crypto-world is your public key (or equivalently, its hashed version, which is otherwise known as bitcoin address).

This is certainly nothing new to the more experienced members of this forum, but it can be somewhat confusing for the newbie users.

If you are a beginner, you already know that you have a username and, in addition, you have used an email address to register on the forum. So, at first glance, it might be logical that your identity should be tied to your email address.

However, it is NOT. Don't forget that this is a cryptocurrency forum. There is a better and more secure way in which you can prove your identity. And, it is not connected to your email address.

It has to do with a bitcoin address you own and you have control over. All you have to do is to publish it somewhere (in one of your unedited posts).

In case you need to prove that you are indeed the person who owns your account (for example, in case your account gets hacked), the administrator of this forum requires proof of ownership of that previously published bitcoin address.

In fact, on BCT you can't use your email address to prove your identity even if you wanted to. This inability to prove identity via email address is, surprisingly, something even some of the more experienced users whose accounts have been hacked complain about (from time to time).

But, as already said, your identity is your public key, and I'm not surprised that the administrator of this forum insists on it.

Let's get a little bit more into identities in the crypto space.

If you want to speak to the world on behalf of a certain identity (public key), you have to possess the private key that corresponds to that identity.

This makes a lot of sense, because you can then sign a message by using the corresponding private key and share that message with the world. The world can then verify that it is indeed you, the identity behind that public key, by verifying the signature.

So, again, in the crypto-world, your identity is your public key. Moreover, you can have a lot of public keys (aka bitcoin addresses), and this has as a consequence that you can create numerous identities.

You can use a certain identity for a couple of days and decide to switch to another identity after that.

In the real world, your identity (your identity document) has to be managed by a central authority. And this identity is permanent, or at least not so easy to change.

In the crypto world, your identity is managed by you in a decentralized way, and you can change it as many times as you like.

This loose sense of identity doesn't mean that you are totally anonymous or that you have total privacy. The reason is that your crypto identity leaves traces and behavioral patterns that can be traced and can lead back to your real-world persona.

You can read more about privacy/anonymity in bitcoin here.

Now, because your identity is essentially a random 26 to 35 alphanumeric sequence, you might be wondering if another person could possibly assume the same identity as yours (the technical term is collision). Even if you change your identity 1000 times every day, chances of this happening are negligible. In fact, here is a nice illustration of how impossibly difficult a collision with another bitcoin address is:

Quote
... if all the land on earth became as densely populated as Manila, the densest city in the world, and everyone generated 1000 addresses per day, it would take 184,025 years on average for the same address to be generated twice...
Source: https://www.reddit.com/r/Bitcoin/comments/790e9j/the_probability_of_the_same_bitcoin_address_being/


In conclusion, if you are a beginner, to be able to verify your identity in case of unforeseen circumstances, do the following:

 1) learn how to sign a message with your bitcoin address from this excellent tutorial.

 2) sign a message of a predefined format (as explained in step 1) and post it here.

Now you can then be sure that you can prove your identity in case such a proof is needed.

Edit: Revised according to the corrections indicated in @pooya87's post below.
1548052900
Hero Member
*
Offline Offline

Posts: 1548052900

View Profile Personal Message (Offline)

Ignore
1548052900
Reply with quote  #2

1548052900
Report to moderator
1548052900
Hero Member
*
Offline Offline

Posts: 1548052900

View Profile Personal Message (Offline)

Ignore
1548052900
Reply with quote  #2

1548052900
Report to moderator
1548052900
Hero Member
*
Offline Offline

Posts: 1548052900

View Profile Personal Message (Offline)

Ignore
1548052900
Reply with quote  #2

1548052900
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1548052900
Hero Member
*
Offline Offline

Posts: 1548052900

View Profile Personal Message (Offline)

Ignore
1548052900
Reply with quote  #2

1548052900
Report to moderator
LTU_btc
Hero Member
*****
Offline Offline

Activity: 1120
Merit: 585

★YoBit.Net★ 350+ Coins Exchange & Dice


View Profile WWW
September 08, 2018, 11:02:11 AM
 #2

Yeah, public key can be used to identify people in crypto world. I think it's quite similar to bank account. Public key is like your bank account number and private jey is like a PIN code.
It's really important to know how to use Bitcoin address and signed message for identification. It can help to recover Bitcointalk account, prove that you hold needed amount of Bitcoin when you are escrow agent, lender or smth similar. This is why it's very important to use wallet which allow to sign a message from your public key.
On the other hand, public keys can help to hide your identity. People who want privacy always use new Bitcoin address for every transaction. Use of Bitcoin mixers also helps to increase privacy, hide source of Bitcoin if it was received in illegal ways.
@DropOnBy_1b

Why would you bump an old post with a totally unrelated answer?

That link of yours is shady as hell. I wouldn't click on it either.
Just use "Report to moderator" button and mods will delete offtopic spam.

Dhanems
Jr. Member
*
Offline Offline

Activity: 392
Merit: 2


View Profile WWW
September 08, 2018, 12:22:38 PM
 #3

For me, Privat e key is much better if you create your own key not from your identity,because if you used from your identity example from your birthdate,is easy to known of the hackers,I suggest you to use always special characters like *#$ like that,so hackers can't identify your key in easy way:)and please make a note.
Dudeperfect
Hero Member
*****
Offline Offline

Activity: 1078
Merit: 532

★YoBit.Net★ 350+ Coins Exchange & Dice


View Profile WWW
September 08, 2018, 01:33:52 PM
 #4

In simple words, the public key is like the email address that allows us to accept payments (like emails) from anyone around the world. On the other hand, to access the received payment (eg: Emails)  we will need a confidential password that will give us exclusive access so that we can spend the received amount. The password is private key associated with the wallet.

Sometimes using real-life examples can help to articulate Bitcoin and cryptocurrencies to newbies in a better way.

Velkro
Legendary
*
Offline Offline

Activity: 1680
Merit: 1002


<3 Vanity Addresses :)


View Profile
September 08, 2018, 11:59:37 PM
 #5

For me, Privat e key is much better if you create your own key not from your identity,because if you used from your identity example from your birthdate,is easy to known of the hackers
Exactly, bitcoin has incredible random number addressess to provide without any user data needed.
Its crucial ale fool proof. Brain wallets were hacked often because users not too good in creating passwords.

Hagmonar
Full Member
***
Offline Offline

Activity: 409
Merit: 100


Buy, sell and store real cryptocurrencies


View Profile
September 09, 2018, 12:46:44 AM
 #6

I think verifying bitcoin address is only useful when it comes verifying someone's identity. Nowadays, signed bitcoin address does not help bitcointalk users recover their account when it gets hacked or stolen.

Anyways, is there a possible way to also signed ETH address?

joniboini
Sr. Member
****
Offline Offline

Activity: 448
Merit: 791


MESG - The new economy of app development


View Profile WWW
September 09, 2018, 01:36:13 AM
 #7

For me, Privat e key is much better if you create your own key not from your identity,

No. If you make your private key your "identifier" in this forum/other crypto space, then you're essentially giving away your assets and your wallet. It makes me wonder did you really understand private key at all, 'cause you compare it to your date of birth or password.

I think verifying bitcoin address is only useful when it comes verifying someone's identity. Nowadays, signed bitcoin address does not help bitcointalk users recover their account when it gets hacked or stolen.

That's because recovering an account needs extra work. Sometimes a hacked account was sold alongside the address that was signed by the previous owner.

Anyways, is there a possible way to also signed ETH address?

Yes, it is. How long you've been in the forum and how much you've learned?

MESG
░░░░░░▄▄▄██████████▄▄▄
░░░░▄██████▄███████████▄
░░▄████▄█████▄████▄██████▄
██████████▄███████████████
▐████▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄████▌
█████░███░█░▄▄█░▄▄█▀░▄▄█████
█▄███░░▀░░█░▄▄█░░░█░█▀▀██▄██
█████░█░█░█░▀▀█▀▀░█▄░▀░█████
▐████▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀████▌
██████████████████████████
░░▀███▄████████▄█████████▀
░░░░▀██████▄███████▄███▀
░░░░░░▀▀▀██████████▀▀▀
  BUILD APPLICATIONS
        CONNECTING ANY TECHNOLOGIES   
|



   ▄███████
   ████████
   ███▀
   ███
██████████
██████████
   ███
   ███
   ███
   ███
   ███
   ███




             ▄████▄▄   
█▄          ██████████▀
███        ███████████▀
▐████▄     ██████████▌
▄▄██████▄▄▄▄█████████▌
▀████████████████████
  ▀█████████████████
  ▄▄███████████████
   ▀█████████████▀
    ▄▄█████████▀
▀▀██████████▀
    ▀▀▀▀▀




                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌
  GITHUB
  MEDIUM
  LINKEDIN
  DISCORD
|SIGN-UP ON THE
F O R U M
pooya87
Legendary
*
Offline Offline

Activity: 1526
Merit: 1350



View Profile
September 09, 2018, 03:54:49 AM
 #8

keys are not meant to be used for identity, they can be used. if you want to have a real way of identifying yourself then use PGP. we use bitcoin keys because this is a bitcoin forum and bitcoin already has a feature to sign messages and prove ownership of a key.
in fact an address and by extension the key pair you own is meant to be only used once. https://en.bitcoin.it/wiki/Address_reuse

Now, because your identity is essentially a random 26-bit to 35-bit alphanumeric sequence
it is not "bit" it is "character". bit is something else. 1 bit is 1/8 of a byte. so in this case an address is 208-280 bit since each char is 1 byte. of course bit in this case doesn't mean anything i just posted the numbers so you can see how it works.
as you can see from the link you yourself posted it is not calling it 26... bits, it is calling it 26... alphanumeric characters.


Anyways, is there a possible way to also signed ETH address?

ethereum and any other altcoin are the same as bitcoin, they have a private key, a public key and a hash of that public key that you use as your address. the process of signing a message is a cryptographic process using that private key so yeah any altcoin that has a private key (which is all of them) can be used, technically. but the problem is when you sign a message with bitcoin everyone can easily and securely verify the message. the software doing it (like the wallets) are already tested enough times that chances of a bug being present is minimal. but when you sign a message with an altcoin key you can no longer use the bitcoin software to verify it, you have to use that altcoin's software to do it. not everyone has that and also they may contain bugs that verify a wrong message and pass it as correct so we stick to bitcoin.

chocolah29
Full Member
***
Offline Offline

Activity: 518
Merit: 128



View Profile
September 09, 2018, 07:41:04 AM
Last edit: September 09, 2018, 07:56:36 AM by chocolah29
 #9

I think verifying bitcoin address is only useful when it comes verifying someone's identity. Nowadays, signed bitcoin address does not help bitcointalk users recover their account when it gets hacked or stolen.

I think you're confuse because in fact it's the best way how you can recover your account and it's a solid proof that it's really belongs to you.

Anyways, is there a possible way to also signed ETH address?

Yes it is, there you go.
https://medium.com/@eugen_lechner/sign-and-verify-a-wallet-address-with-myetherwallet-1a46f6e2853e



~
. but when you sign a message with an altcoin key you can no longer use the bitcoin software to verify it, you have to use that altcoin's software to do it. not everyone has that and also they may contain bugs that verify a wrong message and pass it as correct so we stick to bitcoin.

So does it mean that we can't just easily signed an address or else bugs will just compromise the message? Huh

pooya87
Legendary
*
Offline Offline

Activity: 1526
Merit: 1350



View Profile
September 10, 2018, 03:06:37 AM
 #10

~
So does it mean that we can't just easily signed an address or else bugs will just compromise the message? Huh

i didn't say it is a sure thing to happen, i said there is a good chance. and unless you are familiar with that cryptocurrency and its software you shouldn't just trust it. for example i don't own an ethereum wallet so if i wanted to verify your identity using a signed message from an electrum key i wouldn't be able to but i have an installed bitcoin wallet, i have verified messages before, i also have reviewed the code for it and it was tested enough so that i can be sure the chances of a bug in it practically is zero.

joniboini
Sr. Member
****
Offline Offline

Activity: 448
Merit: 791


MESG - The new economy of app development


View Profile WWW
September 10, 2018, 03:51:14 AM
 #11

So does it mean that we can't just easily signed an address or else bugs will just compromise the message? Huh

You can, pooya is telling you about the chance that some altcoin software might have a bug and that not everybody here owns that, so using that signed message has some inherent risk. Unless you trust/already review the software and unless there is other member who also use that software, there is no way using that signed message is good enough.

Regardless which own you're using, signed message/public key is not that relevant anymore because somebody can just sell it alongside the account they're selling (happened many times). This is probably one of the reasons why account recovery takes a very long time.

MESG
░░░░░░▄▄▄██████████▄▄▄
░░░░▄██████▄███████████▄
░░▄████▄█████▄████▄██████▄
██████████▄███████████████
▐████▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄████▌
█████░███░█░▄▄█░▄▄█▀░▄▄█████
█▄███░░▀░░█░▄▄█░░░█░█▀▀██▄██
█████░█░█░█░▀▀█▀▀░█▄░▀░█████
▐████▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀████▌
██████████████████████████
░░▀███▄████████▄█████████▀
░░░░▀██████▄███████▄███▀
░░░░░░▀▀▀██████████▀▀▀
  BUILD APPLICATIONS
        CONNECTING ANY TECHNOLOGIES   
|



   ▄███████
   ████████
   ███▀
   ███
██████████
██████████
   ███
   ███
   ███
   ███
   ███
   ███




             ▄████▄▄   
█▄          ██████████▀
███        ███████████▀
▐████▄     ██████████▌
▄▄██████▄▄▄▄█████████▌
▀████████████████████
  ▀█████████████████
  ▄▄███████████████
   ▀█████████████▀
    ▄▄█████████▀
▀▀██████████▀
    ▀▀▀▀▀




                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌
  GITHUB
  MEDIUM
  LINKEDIN
  DISCORD
|SIGN-UP ON THE
F O R U M
nakamura12
Member
**
Offline Offline

Activity: 336
Merit: 21

Dual-Chain Bitcoin Air


View Profile
September 10, 2018, 07:33:25 AM
 #12

Regardless which own you're using, signed message/public key is not that relevant anymore because somebody can just sell it alongside the account they're selling (happened many times). This is probably one of the reasons why account recovery takes a very long time.
Yes, very true. The things that might happen is like this. Example: I sold an account to joniboini and after I received the payment I ask admin to recover my account and telling admin that my account is hacked and then giving the signed address as proof. So when that happens joniboini only loss his crypto for nothing or in short SCAMMED. That's why I'm not interested in buying accounts from someone  I don't know that offer me an account  to sell.

█               B i t c o i n  A i r   ★    Secure Payment as Light as Air  ★                 █
► ►  Lightweight    ► ►  Transparent    ► ►  Lightning Fast

               ●   Telegram   Twitter   Discord   Medium   Github   Reddit   ●               
butka
Full Member
***
Offline Offline

Activity: 280
Merit: 172


View Profile
September 10, 2018, 04:28:59 PM
 #13

Now, because your identity is essentially a random 26-bit to 35-bit alphanumeric sequence
it is not "bit" it is "character". bit is something else. 1 bit is 1/8 of a byte. so in this case an address is 208-280 bit since each char is 1 byte. of course bit in this case doesn't mean anything i just posted the numbers so you can see how it works.
as you can see from the link you yourself posted it is not calling it 26... bits, it is calling it 26... alphanumeric characters.

You are right, of course. Thanks for correcting me. I'll edit the original post accordingly.
mweezy
Jr. Member
*
Offline Offline

Activity: 60
Merit: 1


View Profile
September 13, 2018, 01:12:49 PM
 #14

This post is inspired by a chapter from the book "Bitcoin and Cryptocurrency Technologies", called "Public Keys as Identities".

In essence, the authors state that, the closest thing you can have to "identity" in the crypto-world is your public key (or equivalently, its hashed version, which is otherwise known as bitcoin address).

This is certainly nothing new to the more experienced members of this forum, but it can be somewhat confusing for the newbie users.

If you are a beginner, you already know that you have a username and, in addition, you have used an email address to register on the forum. So, at first glance, it might be logical that your identity should be tied to your email address.

However, it is NOT. Don't forget that this is a cryptocurrency forum. There is a better and more secure way in which you can prove your identity. And, it is not connected to your email address.

It has to do with a bitcoin address you own and you have control over. All you have to do is to publish it somewhere (in one of your unedited posts).

In case you need to prove that you are indeed the person who owns your account (for example, in case your account gets hacked), the administrator of this forum requires proof of ownership of that previously published bitcoin address.

In fact, on BCT you can't use your email address to prove your identity even if you wanted to. This inability to prove identity via email address is, surprisingly, something even some of the more experienced users whose accounts have been hacked complain about (from time to time).

But, as already said, your identity is your public key, and I'm not surprised that the administrator of this forum insists on it.

Let's get a little bit more into identities in the crypto space.

If you want to speak to the world on behalf of a certain identity (public key), you have to possess the private key that corresponds to that identity.

This makes a lot of sense, because you can then sign a message by using the corresponding private key and share that message with the world. The world can then verify that it is indeed you, the identity behind that public key, by verifying the signature.

So, again, in the crypto-world, your identity is your public key. Moreover, you can have a lot of public keys (aka bitcoin addresses), and this has as a consequence that you can create numerous identities.

You can use a certain identity for a couple of days and decide to switch to another identity after that.

In the real world, your identity (your identity document) has to be managed by a central authority. And this identity is permanent, or at least not so easy to change.

In the crypto world, your identity is managed by you in a decentralized way, and you can change it as many times as you like.

This loose sense of identity doesn't mean that you are totally anonymous or that you have total privacy. The reason is that your crypto identity leaves traces and behavioral patterns that can be traced and can lead back to your real-world persona.

You can read more about privacy/anonymity in bitcoin here.

Now, because your identity is essentially a random 26 to 35 alphanumeric sequence, you might be wondering if another person could possibly assume the same identity as yours (the technical term is collision). Even if you change your identity 1000 times every day, chances of this happening are negligible. In fact, here is a nice illustration of how impossibly difficult a collision with another bitcoin address is:

Quote
... if all the land on earth became as densely populated as Manila, the densest city in the world, and everyone generated 1000 addresses per day, it would take 184,025 years on average for the same address to be generated twice...
Source: https://www.reddit.com/r/Bitcoin/comments/790e9j/the_probability_of_the_same_bitcoin_address_being/


In conclusion, if you are a beginner, to be able to verify your identity in case of unforeseen circumstances, do the following:

 1) learn how to sign a message with your bitcoin address from this excellent tutorial.

 2) sign a message of a predefined format (as explained in step 1) and post it here.

Now you can then be sure that you can prove your identity in case such a proof is needed.

Edit: Revised according to the corrections indicated in @pooya87's post below.

What is the different between public address and public, because I open one online account and I see something like public key, private key and public address are them the same?
Pages: [1]
  Print  
 
Jump to:  

Bitcointalk.org is not available or authorized for sale. Do not believe any fake listings.
Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!