Bitcoin Forum
October 14, 2024, 01:00:19 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Does android version support message signing?  (Read 104 times)
Saltius (OP)
Member
**
Offline Offline

Activity: 166
Merit: 16


View Profile
December 24, 2020, 07:11:22 AM
 #1

I know how to sign a message upon certain address on PC version Electrum.

But my offline signing device is an android phone and I can't find coresponding buttons on android version.

Does it support or not?
NotATether
Legendary
*
Offline Offline

Activity: 1750
Merit: 7322


In memory of o_e_l_e_o


View Profile WWW
December 24, 2020, 08:26:18 AM
 #2

No it's not implemented in Android. There was a question like this a few years ago for an older version of Electrum: https://bitcointalk.org/index.php?topic=2091408.0 and it wasn't implemented then either. I don't think anything has changed from viewing the commit history since then.

Pmalek
Legendary
*
Offline Offline

Activity: 2912
Merit: 7512


Playgram - The Telegram Casino


View Profile
December 24, 2020, 08:30:17 AM
 #3

I was just about to mention the same thing NotATether did. So you are left with either restoring your wallet on the desktop client with the seed you received on your Android device, or you can do what was suggested in the thread that NotATether linked to, and use the Mycelium mobile app which has an option to sign messages via a mobile device.

▄▄███████▄▄███████
▄███████████████▄▄▄▄▄
▄████████████████████▀░
▄█████████████████████▄░
▄█████████▀▀████████████▄
██████████████▀▀█████████
████████████████████████
██████████████▄▄█████████
▀█████████▄▄████████████▀
▀█████████████████████▀░
▀████████████████████▄░
▀███████████████▀▀▀▀▀
▀▀███████▀▀███████

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 
Playgram.io
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

▄▄▄░░
▀▄







▄▀
▀▀▀░░
▄▄▄███████▄▄▄
▄▄███████████████▄▄
▄███████████████████▄
▄██████████████▀▀█████▄
▄██████████▀▀█████▐████▄
██████▀▀████▄▄▀▀█████████
████▄▄███▄██▀█████▐██████
█████████▀██████████████
▀███████▌▐██████▐██████▀
▀███████▄▄███▄████████▀
▀███████████████████▀
▀▀███████████████▀▀
▀▀▀███████▀▀▀
██████▄▄███████▄▄████████
███▄███████████████▄░░▀█▀
███████████░█████████░░
░█████▀██▄▄░▄▄██▀█████░
█████▄░▄███▄███▄░▄█████
███████████████████████
███████████████████████
██░▄▄▄░██░▄▄▄░██░▄▄▄░██
██░░░░██░░░░██░░░░████
██░░░░██░░░░██░░░░████
██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████
███████████████████████
███████████████████████
 
PLAY NOW

on Telegram
Saltius (OP)
Member
**
Offline Offline

Activity: 166
Merit: 16


View Profile
December 24, 2020, 08:35:02 AM
 #4

No it's not implemented in Android. There was a question like this a few years ago for an older version of Electrum: https://bitcointalk.org/index.php?topic=2091408.0 and it wasn't implemented then either. I don't think anything has changed from viewing the commit history since then.

Thanks!

I was just about to mention the same thing NotATether did. So you are left with either restoring your wallet on the desktop client with the seed you received on your Android device, or you can do what was suggested in the thread that NotATether linked to, and use the Mycelium mobile app which has an option to sign messages via a mobile device.

Now I shall turn to another method by installing linux version Electrum on that phone.
(As I happened to deploy arm-linux on that same phone to run armory offline signer.)

If that method fails, I may have to switch to another app.
NotATether
Legendary
*
Offline Offline

Activity: 1750
Merit: 7322


In memory of o_e_l_e_o


View Profile WWW
December 24, 2020, 08:48:09 AM
 #5

Now I shall turn to another method by installing linux version Electrum on that phone.
(As I happened to deploy arm-linux on that same phone to run armory offline signer.)

If that method fails, I may have to switch to another app.

Since you are running Android, if you have a desktop somewhere that you can't reach for some reason, you can install one of the SSH apps available and connect to your desktop which has Electrum, and you can run Electrum from the command line and use the signmessage and veriymessage commands to sign and verify a message.

https://electrum.readthedocs.io/en/latest/cmdline.html

Code:
electrum daemon -d # start Electrum
electrum load_wallet -w /path/to/wallet/file
# and this is how you sign and verify a message
sig=$(cat message.txt | electrum signmessage 1JuiT4dM65d8vBt8qUYamnDmAMJ4MjjxRE -)
cat message.txt | electrum verifymessage 1JuiT4dM65d8vBt8qUYamnDmAMJ4MjjxRE $sig -
electrum stop # stop Electrum

You can do this on Mac and Linux. On Windows this should also be possible if you run an SSH server with PuTTY.

BitMaxz
Legendary
*
Offline Offline

Activity: 3402
Merit: 3146


Is the $100k BTC possible?


View Profile WWW
December 25, 2020, 12:29:22 AM
 #6

Now I shall turn to another method by installing linux version Electrum on that phone.
(As I happened to deploy arm-linux on that same phone to run armory offline signer.)

If that method fails, I may have to switch to another app.

You just make things complicated the armory offline signer is for signing transaction not for "sign message" and I think you don't understand the difference between sign message and sign transaction?

The only fast and easy solution to your problem is to use Mycelium as suggested above you can able to sign a message there.

It looks like this




Just import your private key on that app and make a sign message.

Or you might be talking about signing a transaction?
If you are using Electrum you need to copy the hex/raw code and paste it to your android(Electrum) even it's offline you can able to sign the transaction and export the signed raw/hex transaction and then transfer them to any online device where you can broadcast the transaction.

BTC Road to $80k...
Saltius (OP)
Member
**
Offline Offline

Activity: 166
Merit: 16


View Profile
December 25, 2020, 02:15:58 AM
Last edit: December 25, 2020, 02:28:56 AM by Saltius
 #7

Now I shall turn to another method by installing linux version Electrum on that phone.
(As I happened to deploy arm-linux on that same phone to run armory offline signer.)

If that method fails, I may have to switch to another app.

You just make things complicated the armory offline signer is for signing transaction not for "sign message" and I think you don't understand the difference between sign message and sign transaction?

The only fast and easy solution to your problem is to use Mycelium as suggested above you can able to sign a message there.

It looks like this




Just import your private key on that app and make a sign message.

Or you might be talking about signing a transaction?
If you are using Electrum you need to copy the hex/raw code and paste it to your android(Electrum) even it's offline you can able to sign the transaction and export the signed raw/hex transaction and then transfer them to any online device where you can broadcast the transaction.

When I say armory signer, I refer it as a tx signer. I never say I used it to sign message.
But linux version Electrum does support message signing.
If I can't distinguish tx signing and message signing, I would never post this thread in the first place bcz android electrum supports tx signing of coz.

Btw: does Mycelium has some similar counterparts like electrum personal server which could be used alongside with a full node?
I also went to the mainpage of Mycelium, then the download page.
Well ,the page itself looks much nicer than Electrum one. But where is the GPG signature of the download files or any other similar things?
NotATether
Legendary
*
Offline Offline

Activity: 1750
Merit: 7322


In memory of o_e_l_e_o


View Profile WWW
December 25, 2020, 02:39:51 AM
 #8

Btw: does Mycelium has some similar counterparts like electrum personal server which could be used alongside with a full node?
I also went to the mainpage of Mycelium, then the download page.

Mycelium doesn't have a program that runs a server because that feature is not supported. You can't run a community Mycelium server.

Well ,the page itself looks much nicer than Electrum one. But where is the GPG signature of the download files or any other similar things?

There are no hashes or GPG signatures at all available on that page. Maybe the downloads at Google Play and App Store have their own signatures bundled but I'm not sure.

Saltius (OP)
Member
**
Offline Offline

Activity: 166
Merit: 16


View Profile
December 25, 2020, 02:47:02 AM
 #9

Well ,the page itself looks much nicer than Electrum one. But where is the GPG signature of the download files or any other similar things?

There are no hashes or GPG signatures at all available on that page. Maybe the downloads at Google Play and App Store have their own signatures bundled but I'm not sure.
Well, I could download from Google Play then extract the apk out then copy it to my offline cellphone to install.
But that gave me a bad impression that they don't give security a top priority.
(Well, just impression.It may still be a safe and sound app.)
ranochigo
Legendary
*
Offline Offline

Activity: 3038
Merit: 4420


Crypto Swap Exchange


View Profile
December 25, 2020, 03:04:51 AM
 #10

Well, I could download from Google Play then extract the apk out then copy it to my offline cellphone to install.
But that gave me a bad impression that they don't give security a top priority.
(Well, just impression.It may still be a safe and sound app.)
Not secure. There's no guarantees that whatever you've downloaded is secure because there is no source of information to cross check and your trust will be fully on Google Play and yourself to be downloading the legitimate version. The reason why Electrum has PGP validation is such that the trust lies on the precompiled binaries by ThomasV and if you trust him, validating the program with his PGP is sufficient.

That being said, most Android Apps are not designed for offline storage specifically but mainly for the convenience of accessing your funds from another wallet.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
TryNinja
Legendary
*
Offline Offline

Activity: 2982
Merit: 7398


Top Crypto Casino


View Profile WWW
December 25, 2020, 03:19:50 AM
 #11

Well, I could download from Google Play then extract the apk out then copy it to my offline cellphone to install.
But that gave me a bad impression that they don't give security a top priority.
You can download the .apk from their website[1] and compare its hash with the one you extracted from the Google Play Store. If both match, you at least know you have one less thing to worry about.

[1] https://wallet.mycelium.com/contact.html

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
Saltius (OP)
Member
**
Offline Offline

Activity: 166
Merit: 16


View Profile
December 25, 2020, 03:22:54 AM
 #12

Well, I could download from Google Play then extract the apk out then copy it to my offline cellphone to install.
But that gave me a bad impression that they don't give security a top priority.
(Well, just impression.It may still be a safe and sound app.)
Not secure. There's no guarantees that whatever you've downloaded is secure because there is no source of information to cross check and your trust will be fully on Google Play and yourself to be downloading the legitimate version. The reason why Electrum has PGP validation is such that the trust lies on the precompiled binaries by ThomasV and if you trust him, validating the program with his PGP is sufficient.

That being said, most Android Apps are not designed for offline storage specifically but mainly for the convenience of accessing your funds from another wallet.

I care about the download validation bcz one acquantaince of mine lost quite a bit fund last time the Electrum-LTC's official download site was compromised and he didn't do any validation at all.

I know that we can't prevent but the risk could be mitigated a little.

You can download the .apk from their website[1] and compare its hash with the one you extracted from the Google Play Store. If both match, you at least you know you have something less to worry about.

[1] https://wallet.mycelium.com/contact.html

True. A smart move.
BitMaxz
Legendary
*
Offline Offline

Activity: 3402
Merit: 3146


Is the $100k BTC possible?


View Profile WWW
December 25, 2020, 11:39:01 PM
 #13

I care about the download validation bcz one acquantaince of mine lost quite a bit fund last time the Electrum-LTC's official download site was compromised and he didn't do any validation at all.

I know that we can't prevent but the risk could be mitigated a little.


That's the problem mycelium is a closed source wallet and I tried to search on google or even on their website they don't have any signature or PGP just to check if it's a fake or original one.

Just make sure that you downloaded it from the play store with lots of reviews because fake wallets can't able to have many reviews on their app. So it is the one you must check if it is legit or fake app.

BTC Road to $80k...
ranochigo
Legendary
*
Offline Offline

Activity: 3038
Merit: 4420


Crypto Swap Exchange


View Profile
December 26, 2020, 04:07:09 AM
 #14

That's the problem mycelium is a closed source wallet and I tried to search on google or even on their website they don't have any signature or PGP just to check if it's a fake or original one.

Just make sure that you downloaded it from the play store with lots of reviews because fake wallets can't able to have many reviews on their app. So it is the one you must check if it is legit or fake app.

It's open source[1]. No easy way to verify the build yourself since they don't provide hashes and they're not signed by PGP. You can build the Mycelium from source and verify it with the apk, if you want. It's fairly easy to do and the steps are on the github pages under deterministic build.

Tbf, signatures doesn't strictly provide sufficient security, when your source for such information would be located on the phishing website as well. PGP works best if you have an established WOT.

[1] https://github.com/mycelium-com/wallet-android

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!