When was a message signed.

[KevinNash]

How to verify to a court when was a bitcoin message signed any thing that proofs?

[1714246089]

1714246089

[1714246089]

1714246089

[1714246089]

1714246089

[vjudeu]

Just include a block hash in your message. Then, it is guaranteed, that is was generated at that date, or later.

(and you can include something that has some confirmations, just to be safe from potential chain reorganizations)

[KevinNash]

Just include a block hash in your message. Then, it is guaranteed, that is was generated at that date, or later.

(and you can include something that has some confirmations, just to be safe from potential chain reorganizations)

You can sign a message today that shows it was signed years ago. This means there's no any kind of proofs to prove q date of an old signed message?

[apogio]

You can sign a message today that shows it was signed years ago. This means there's no any kind of proofs to prove q date of an old signed message?

Just sign something like this:

Code:

My name is X and I sign this message today on 2024-01-03 at 17:55. Last block hash is 0000000000000000000044ad2c3a48f04170cf1bdeec82b0c184bb683ec9985b.

[KevinNash]

You can sign a message today that shows it was signed years ago. This means there's no any kind of proofs to prove q date of an old signed message?

Just sign something like this:

Code:

My name is X and I sign this message today on 2024-01-03 at 17:55. Last block hash is 0000000000000000000044ad2c3a48f04170cf1bdeec82b0c184bb683ec9985b.

I can sign a message like this right now with 2012 details. It still doesnt confirm it was signed in 2012. The point is the blockchain doesnt show when this message was signed or there was btc contract call to sign in a specific date.

Something like this must be added to the btc code.

[vjudeu]

I can sign a message like this right now with 2012 details. It still doesnt confirm it was signed in 2012.

Oh, so what you want, is not a signature, but rather a commitment. Which means, you should instead point to your old transaction, for example from 2012, and reveal the data, that will match R-value of the public key, used in your signature.

And in that case, you can do that today, but not in 2012, because you would need to re-mine all blocks from 2012 to this date, to fake that kind of proof.

And yes, commitments cost money, but you can also ask someone to include a commitment to his transaction, because it would take zero additional on-chain bytes, because it is just about replacing one 256-bit number with another 256-bit number, so the size of the transaction stays the same.

[apogio]

I can sign a message like this right now with 2012 details. It still doesnt confirm it was signed in 2012. The point is the blockchain doesnt show when this message was signed or there was btc contract call to sign in a specific date.

Something like this must be added to the btc code.

Signing and Broadcasting are 2 completely different actions. Signing means you prove that you own a message. If you want to let people know when the message was signed you need to include it in the blockchain and broadcast it in a block.

At the same time, I don't understand what you wanna do. Did you sign a message in 2012 and you want to prove now that you signed it back then?

Because if so, you need to include it in a block mined in 2012. Which is impossible.

[KevinNash]

I can sign a message like this right now with 2012 details. It still doesnt confirm it was signed in 2012. The point is the blockchain doesnt show when this message was signed or there was btc contract call to sign in a specific date.

Something like this must be added to the btc code.

Signing and Broadcasting are 2 completely different actions. Signing means you prove that you own a message. If you want to let people know when the message was signed you need to include it in the blockchain and broadcast it in a block.

At the same time, I don't understand what you wanna do. Did you sign a message in 2012 and you want to prove now that you signed it back then?

Because if so, you need to include it in a block mined in 2012. Which is impossible.

Yes, that is exactly what i want to do. Impossible as you said.

[apogio]

Yes, that is exactly what i want to do. Impossible as you said.

But again, you say it should be added to the code. How? I mean it existed in the code back then, but you didn't do it. I don't blame you, I just say that I don't think it's bitcoin's malfunction. The way blockchain works, as vjdue said, you would need to re-mine all these blocks. But these blocks have thousands of validations and confirmations... So...

[KevinNash]

Yes, that is exactly what i want to do. Impossible as you said.

But again, you say it should be added to the code. How? I mean it existed in the code back then, but you didn't do it. I don't blame you, I just say that I don't think it's bitcoin's malfunction. The way blockchain works, as vjdue said, you would need to re-mine all these blocks. But these blocks have thousands of validations and confirmations... So...

Regarding broadcasting a message does it reveal it to the public anyone can see it without providing him the details of it? If yes its a problem. It should remain private but only expose when needed.

[vjudeu]

Regarding broadcasting a message does it reveal it to the public anyone can see it without providing him the details of it?

You don't need to include the message explicitly. All that is needed, is just replacing one random signature, with another random signature, with some offset. Then, it will be possible later to prove, that a given data is connected with a given signature, without revealing that data as a plain text, in the moment of creating it.

Which means, you can create a TapScript, with the content of "OP_RETURN <anyData>", and then convert your Taproot address, into R-value of your signature, and sign it. And because R-value of each signature, is just some public key, you can do so, with any address type you want, including P2PK.

[apogio]

Regarding broadcasting a message does it reveal it to the public anyone can see it without providing him the details of it? If yes its a problem. It should remain private but only expose when needed.

Just sign an encrypted message. It will be broadcasted on the blockchain and nobody will read it. Once the time has come, just give us the decryption key. And we will read it then.

There is no way to alter the blockchain. And this is why Bitcoin is strong and secure

Edit: what vjudeu said does exactly what you want.

[KevinNash]

Thank you i will be careful next times

[vjudeu]

Just sign an encrypted message.

It is better to tweak R-value of the signature, because then, nobody knows, if any commitment is included to a given transaction, or not.

[digaran]

You would need a reference regardless, to show as the proof, either it could be a third party, which would require that third party to be trusted to vouch for the time it saw your message or you could use crypto-mojo as mentioned by our friends.

However there is a simple non technical solution, just post half of the signature on a social media, or post on forum asking someone to quote it for you, plus many other ways, but I'm guessing this is related to puzzles, right?

[BlackHatCoiner]

I can sign a message like this right now with 2012 details. It still doesnt confirm it was signed in 2012. The point is the blockchain doesnt show when this message was signed or there was btc contract call to sign in a specific date.

You cannot know when a message was signed, for the same reason you cannot know when key pairs (public key, private key) were generated; these are timeless operations. You can only prove that a message was signed after a certain date.

However there is a simple non technical solution, just post half of the signature on a social media, or post on forum asking someone to quote it for you, plus many other ways, but I'm guessing this is related to puzzles, right?

This does not preclude the possibility that you might have signed the message years before and are now publishing the signature.

[vjudeu]

Well, maybe not everything is lost. If you used some HD wallet (BIP-32 was created on 2012-02-11), or if you can gather the source of entropy, which was used to generate some transactions back then, in 2012, then this could be enough to prove, that your node generated a given transaction or address in the past. But I guess it is not easy, to recover that kind of information.

[mikeywith]

How to verify to a court when was a bitcoin message signed any thing that proofs?

You can, but only if you plan a head before signing the message, otherwise, it's not possible.

these are timeless operations. You can only prove that a message was signed after a certain date.

You can use time-locked transaction to prove that you signed a message between two time intervals.

Say I have to sign a message tomorrow (not earlier and not later than tomorrow)

1- prove the lower bound on the signing time:

- I include the block hash of the first block tomorrow (this proves I couldn't have signed the message earlier than tomorrow)

2-prove the upper bound on the signing time

- I include the txid for a time-locked transaction that only unlocks tomorrow night which has not been included in a block yet (this proves I did not sign the message after tomorrow)

Given that not every node's clock is synced well with the rest, you are going to count on 'Bitcoin's Median Time Past', so this can't be narrowed down to the exact second, but is somewhat accurate.

[BlackHatCoiner]

- I include the txid for a time-locked transaction that only unlocks tomorrow night which has not been included in a block yet (this proves I did not sign the message after tomorrow)

How does this prove you didn't sign the message after tomorrow night?

Let me confirm your thought:

• Include the current block hash to the message. This ensures you can't have signed it prior the current block's time.
• Create a transaction that cannot be mined until the next 100th block.
• Include its TXID to the message.
• Sign the message and tell everyone to wait up until that block.

So, how can people who see the message after that 100th block verify it was signed before it?

[vjudeu]

So, how can people who see the message after that 100th block verify it was signed before it?

Because you can write a double-spend. Which means, things are locked in, and you cannot modify something, which was committed on-chain. If you created a double-spend intentionally, and committed it into one of your signatures, then you can later reveal that commitment.

Maybe I should show you, how the whole proof could look like, if you use commitments. Getting it "technically correct" on some test network will take some time, so here is the draft:

1. Current block hash: 00000000000000000003a9044d0dffa7630a2b63b7631412cb5598eef7781488

This is easy, and can prove, that this message was written on 2024-01-03 23:09 UTC (or later, but not before that).

2. Transaction hash: 576a95899c537e861cac07d294228b703297938310b9d780aaef2bf28a6ab8bf

Then, you make sure, that this transaction is present on-chain, it is valid, and confirmed. You find my signature, and extract it:

Code:

30440220
1a8615561a18fbc274b51d84f29e311ee93dd2242d5710149b816286bb18990d //r-value
0220
6507ca5cd1ea2a0b17b6b5f35d3ce0e9a3e536b98cb4469fb57b07da5e47bca5 //s-value
01

And then, you look at R-value of that signature, and convert it into Taproot address: bc1pr2rp24s6rrauya94rkz09833rm5nm53y94t3q9yms93gdwccnyxsxseupy

Then, if I can provide you any matching TapScript, in that case I can include any proof. Which means, if that R-value was random, then I would be able to spend by key, but not by TapScript. But if I prepared it intentionally before, then I could reveal a TapScript, for example with 'OP_RETURN "Here is my proof"'. In that case, it would be impossible to abuse it, and post that commitment on-chain (because it starts with OP_RETURN), but at the same time, it would be possible, to prove later, that I didn't generate that message in 2028, because it would require going back into 2024, and modifying R-value of that specific transaction.