btc123thatthere (OP)
Member
 Offline
Activity: 131
Merit: 29
|
 |
November 19, 2019, 12:51:52 AM |
|
I'm using Bitcoin Core v0.18.0 & Qt version 5.9.7.
Is it possible to sign a single message from more than one address?
|
|
|
|
|
|
|
|
|
|
|
|
|
|
No Gods or Kings. Only Bitcoin
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
achow101
Moderator
Legendary
Offline
Activity: 3388
Merit: 6578
Just writing some code
|
|
November 19, 2019, 02:03:59 AM |
|
No. You have to sign the same message multiple times.
|
|
|
|
AB de Royse777
Legendary
Offline
Activity: 2478
Merit: 3893
Hire Bitcointalk Camp. Manager @ r7promotions.com
|
|
November 19, 2019, 07:55:24 AM |
|
Idea is that signing a message using a bitcoin address means you have the private key. One address one private key so logically and also practically you can not sign a message with more than one address.
|
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
btc123thatthere (OP)
Member
Offline
Activity: 131
Merit: 29
|
|
November 19, 2019, 12:19:50 PM
Last edit: November 19, 2019, 12:30:40 PM by btc123thatthere |
|
Will doing so (producing a signed message) reveal the public key to anyone who sees the signature or just a hash of the public key? (Or a hash straight from the private key?)
|
|
|
|
|
The Cryptovator
Legendary
Offline
Activity: 2240
Merit: 2172
Need PR/CMC & CG? TG @The_Cryptovator
|
|
November 19, 2019, 12:57:40 PM |
|
Will doing so (producing a signed message) reveal the public key to anyone who sees the signature or just a hash of the public key? (Or a hash straight from the private key?) Signature is genarated from hash and private keys. It should not effected or revealed your private keys. Its something like you are proving ownership of your address without providing your private to someone else. Every one is free to verify if you provide all details (raw msg, address & signature) except private keys, but no one will see your private key. the signature to determine that it was originally produced from the hash and the private key, without needing to know the private key. |
|
|
|
btc123thatthere (OP)
Member
Offline
Activity: 131
Merit: 29
|
|
November 19, 2019, 01:13:04 PM |
|
So does the signature (somehow) reveal the public key?
|
|
|
|
|
logfiles
Copper Member
Legendary
Offline
Activity: 1974
Merit: 1647
Top Crypto Casino
|
|
November 19, 2019, 01:44:25 PM |
|
So does the signature (somehow) reveal the public key?
In order to verify the sender's signature, the person verifying should know the sender's public key. Without it, there is no way of verifying if the signature is valid. And since a public key corresponds to a private key, it would imply that the person who signed the message actually owns the private key of the address without revealing the private key This video could help: https://www.youtube.com/watch?v=U2bw_N6kQL8 |
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18509
|
So does the signature (somehow) reveal the public key? The signature on its own does not, but the signature combined with the message does. In order to verify the sender's signature, the person verifying should know the sender's public key. They actually don't need to know the public key, or at least, you don't need to give it them. To sign a message, you need to include three things: The address (which is a hash of the public key), the signature which you generate, and the message itself. There is no requirement to send your public key to the other party. By using a feature of ECDSA, their wallet or software can recover your public key (actually two possible public keys) by inputting your message and signature in to an equation, and then hash that public key to ensure it matches your address. |
|
|
|
|
ranochigo
Legendary
Offline
Activity: 2954
Merit: 4165
|
So does the signature (somehow) reveal the public key?
In order to verify the sender's signature, the person verifying should know the sender's public key. Without it, there is no way of verifying if the signature is valid. And since a public key corresponds to a private key, it would imply that the person who signed the message actually owns the private key of the address without revealing the private key This video could help: https://www.youtube.com/watch?v=U2bw_N6kQL8It is not a requirement for the verifier to have the public key of the address used in the signature. The address is NOT the public key but rather, it is the hash of the public key. With the use of ECDSA and the secp256k1 curve, you can determine the 2 possible public keys used to sign the message. The client will then hash the address given by the user to check if it matches the key. Brainwallet can even show you with the address used to sign the message if you don't provide them with one. |
.
.HUGE. | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
The Cryptovator
Legendary
Offline
Activity: 2240
Merit: 2172
Need PR/CMC & CG? TG @The_Cryptovator
|
|
November 20, 2019, 06:18:25 AM
Last edit: November 21, 2019, 08:30:21 AM by Coolcryptovator |
|
In order to verify the sender's signature, the person verifying should know the sender's public key. Without it, there is no way of verifying if the signature is valid.
I think you mixed up public key with address. Public key doesn't necessarily to verify message. Address is a compressed appearance of public key. And public key genarated from private keys. So only address, message and signature is necessary to verify prove ownership. |
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18509
|
|
November 20, 2019, 12:07:08 PM |
|
Public key doesn't necessarily to verify message. It actually is needed, it's just you don't have to send it to the verifier; they can calculate it themselves. Address is a compressed appearance of public key. Careful with your wording here. An address is a hash of a public key. This is important because it means you can't reverse the process and generate a public key from only knowing the address. This is different to compression. For example, if you know a compressed public key, you can calculate the full uncompressed public key without any additional information. You may see below picture how it work So in that picture, the "f(t,s,a)" function uses the message and signature to calculate the public key, hashes it, and then checks it matches the given address. |
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
November 20, 2019, 01:53:37 PM |
|
~snip~
This is an incredibly horrible representation of the process. 1) There are no bitcoin 'accounts'. 2) The address is not an 'account number'. 3) The "signature checker" function does need the public key to verify the signature. But this image implies the address is used. It is quite inaccurate. Even for a simplified version of the process. Alone the wrong naming makes it a bad representation. I'd suggest to rather not use this image when explaining things as it will result in newbies getting confused and/or learning wrong terms. |
|
|
|
The Cryptovator
Legendary
Offline
Activity: 2240
Merit: 2172
Need PR/CMC & CG? TG @The_Cryptovator
|
|
November 21, 2019, 08:23:43 AM
Last edit: November 21, 2019, 08:57:59 AM by Coolcryptovator |
|
Public key doesn't necessarily to verify message. It actually is needed, it's just you don't have to send it to the verifier; they can calculate it themselves. What I have seen on brain wallet, they never asked for public key for verify signature. They just ask address, message and signature. Means you are able to verify signature with thses details. Public keys isn't necessary here. Even you don't need to provide address to verify signature, wallet automatically will show from which address it has been signed. If wallet themselves calculate public keys means it's not necessary for you. That's what my point. Careful with your wording here. An address is a hash of a public key. This is important because it means you can't reverse the process and generate a public key from only knowing the address. This is different to compression. For example, if you know a compressed public key, you can calculate the full uncompressed public key without any additional information.
I know address is hash of public key which is one way, can't calculate reverse. I Google about public key, seems most of articles mixed up public keys with address. That's why I just explain normally that address is another appearance of public. Yes, I shouldn't use compressed word in that case. Edited post by the way. |
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18509
|
|
November 21, 2019, 10:45:46 AM |
|
Even you don't need to provide address to verify signature, wallet automatically will show from which address it has been signed. Correct. As I explained above, the verifying software will use the message and the signature to calculate usually two possible public keys (but very rarely 4), and then determine which one was used to sign the message. It will then hash that public key to give an address. If you have also supplied an address, it will tell you if they match. If you haven't supplied an address, then it will display the address it has calculated. That's why I just explain normally that address is another appearance of public.
It's not, though. I'm not sure how much of this is a language barrier, but to suggest two things are different appearances of the same thing also suggests that they are interchangeable or convertible back and forth, which you've correctly stated in your previous statement that they are not. |
|
|
|
|
|
Text
|
|
November 21, 2019, 11:05:49 AM |
|
Since then, all I know that the public key and address are just the same. Please enlighten me more... So I came to google and typed on the search bar "public key and address" and I got this result from investopedia.com The public address is a hashed version of the public key. Because the public key is made up of an extremely long string of numbers, it is compressed and shortened to form the public address. In effect, the private key generates the public key which, in turn, generates the public address.
 |
| | | | | | | ███▄▀██▄▄
░░▄████▄▀████ ▄▄▄
░░████▄▄▄▄░░█▀▀
███ ██████▄▄▀█▌
░▄░░███▀████
░▐█░░███░██▄▄
░░▄▀░████▄▄▄▀█
░█░▄███▀████ ▐█
▀▄▄███▀▄██▄
░░▄██▌░░██▀
░▐█▀████ ▀██
░░█▌██████ ▀▀██▄
░░▀███ | | ▄▄██▀▄███
▄▄▄████▀▄████▄░░
▀▀█░░▄▄▄▄████░░
▐█▀▄▄█████████
████▀███░░▄░
▄▄██░███░░█▌░
█▀▄▄▄████░▀▄░░
█▌████▀███▄░█░
▄██▄▀███▄▄▀
▀██░░▐██▄░░
██▀████▀█▌░
▄██▀▀██████▐█░░
███▀░░ | | | | |
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18509
|
|
November 21, 2019, 12:38:40 PM |
|
In effect, the private key generates the public key which, in turn, generates the public address.
This is correct, at the most basic level. Your private key is (almost) any 256 bit number. The private key is used to generate the public key by using the ECDSA curve secp256k1. This is a one way process. The public key is used to generate the address by first passing it through sha256, then ripemd160, then calculating and appending the checksum. Again, a one way process. |
|
|
|
|
achow101
Moderator
Legendary
Offline
Activity: 3388
Merit: 6578
Just writing some code
|
|
November 21, 2019, 10:35:59 PM |
|
What I have seen on brain wallet, they never asked for public key for verify signature. They just ask address, message and signature. Means you are able to verify signature with thses details. Public keys isn't necessary here. Even you don't need to provide address to verify signature, wallet automatically will show from which address it has been signed. If wallet themselves calculate public keys means it's not necessary for you. That's what my point. That is incorrect. In ECDSA, to verify a signature, you MUST have the public key, the signature, and the message. However, there is a way that, given a signature and a message, you can compute a public key that would verify the trio. The caveat is that every signature and every message has a public key that makes the trio valid. Without knowing the public key or some representation of it, a signature and message combo is always valid for some public key. The point of a public key is that you are verifying the identify of the person who created the signature and message. Bitcoin does not require you to have the public key for signed messages because you are required to have the address, which is a representation of the public key. Bitcoin signed messages are verified by recovering the pubkey from the signature and message. Then that public key is hashed and the address computed from that. That computed address is compared to the address given to the verifier. If it matches, then the signature is "valid". If not, it is "invalid". So verifying a signed message absolutely requires the public key or some representation of it (aka the address). |
|
|
|
|
