Are Bitcoin Signature Messages still safe in 2024?

[AzizLeBG]

Hi,

I'm currently in the transaction facilitation industry, and I was looking to fill an order of a buyer of mine. One of the prerequisites of the transaction is to ask for a Signature Message proving the other party owns their BTC Coins. Now, I have been surfing threw multiples forums of people arguing over this topic. Some say it is 100% safe, if you don't sign using the same K Nonce, do it offline or do it on exchanges, some say there are risks involved.  I find myself in between trying to have a clear idea of this known process in the BTC ecosystem, it's just a really niche feature not really used a lot nowadays. It can be done on Blockchain.com, Ledger, Electrum and Bitcoin Core and some other exchanges.

Any ideas, informations or arguments are appreciated.

Yours truely,

AzizLeBG

[Charles-Tim]

To prove that you are the owner of an address and which is funded with bitcoin. Yes you can sign a message with the bitcoin address and include the date that you signed it. It is safe.

It can be done on Blockchain.com, Ledger, Electrum and Bitcoin Core and some other exchanges.

When I was testing blockchain.com walle like a years ago, it can not be used to sign a message. Also you can not use an exchange account to sign a message. You need a noncustodial wallet for it which has seed phrase or private key. Only the person that has the private key of the address can sign a message with the address.

[Orpichukwu]

I'm currently in the transaction facilitation industry, and I was looking to fill an order of a buyer of mine. One of the prerequisites of the transaction is to ask for a Signature Message proving the other party owns their BTC Coins. Now, I have been surfing through multiples forums of people arguing over this topic. Some say it is 100% safe, if you don't sign using the same K Nonce, do it offline or do it on exchanges, some say there are risks involved.  I find myself in between trying to have a clear idea of this known process in the BTC ecosystem, it's just a really niche feature not really used a lot nowadays. It can be done on Blockchain.com, Ledger, Electrum and Bitcoin Core and some other exchanges.

Signing messages is completely safe as long as you are using a safe route. If you make use of an electrum, a Bitcoin core, or any other noncustodial wallet that you have total control over that has the option and is open source (other developers verifying the legitimacy of the wallet) it's safe. Just don't go and input your private key or phrase into any online places asking you for such information, all in the name of the person the person you want to sign the signature message.
 
Bitcoin core, electrum, and other wallets that you mentioned above are not the same thing as exchange. It's not possible for you to sign in a signature message using exchange because they don't give you a private key; you can only do that using your wallet's private key, as that shows that you are the true owner of the said wallet.

[hosseinimr93]

Some say it is 100% safe, if you don't sign using the same K Nonce, do it offline or do it on exchanges, some say there are risks involved.

No need to worry about the K value.
Wallets generate the k value deterministically and they never use the same K value for two transactions.

Also note that you can't sign message on exchanges. You can sign message on some non-custodial wallets.
I say "some noncustodial wallets", because not all of them support signing message. For example, blockchain.com is a non-custodial wallet, but it doesn't allow you to sign a message.

[pooya87]

Signing a message is pretty much like signing a transaction. The only difference is that the digest is computed by hashing the message string (after prepending a fixed value to the start of it) instead of the transaction. Hash algorithm and ECDSA and subsequently the ephemeral key (k) selection are all the same.

So if the software that is used for signing transactions (sending bitcoin) is secure, the result for message signing should be safe as well. Otherwise singing a transaction would also put you at risk of leaking your key.
And like always use popular open source software that is extensively reviewed and is bug free.

[AzizLeBG]

Signing a message is pretty much like signing a transaction. The only difference is that the digest is computed by hashing the message string (after prepending a fixed value to the start of it) instead of the transaction. Hash algorithm and ECDSA and subsequently the ephemeral key (k) selection are all the same.

So if the software that is used for signing transactions (sending bitcoin) is secure, the result for message signing should be safe as well. Otherwise singing a transaction would also put you at risk of leaking your key.
And like always use popular open source software that is extensively reviewed and is bug free.

So Electrum is my best option in this case? It has a built in feature and is a pretty old and known wallet. Also, as always in a safe environment.

[ranochigo]

So Electrum is my best option in this case? It has a built in feature and is a pretty old and known wallet. Also, as always in a safe environment.

Electrum or Bitcoin Core are probably two of the most well known and developed wallet. If you're sure that you can operate your wallet in an environment that is safe and secure, there shouldn't be any problems whatsoever that concerns security.

Your idea for signing message should primarily be proving the ownership of the address. Signing a message will prove that they are in ownership of the address and whatever amount of Bitcoins associated with that address at that point in time. You should be clear about the message and the context, specifically taking note of the purpose and the timestamp within the signed message.

[AzizLeBG]

So Electrum is my best option in this case? It has a built in feature and is a pretty old and known wallet. Also, as always in a safe environment.

Electrum or Bitcoin Core are probably two of the most well known and developed wallet. If you're sure that you can operate your wallet in an environment that is safe and secure, there shouldn't be any problems whatsoever that concerns security.

Your idea for signing message should primarily be proving the ownership of the address. Signing a message will prove that they are in ownership of the address and whatever amount of Bitcoins associated with that address at that point in time. You should be clear about the message and the context, specifically taking note of the purpose and the timestamp within the signed message.

I appreciate your thoughts, What should be an ideal message example? Something like this maybe? Do take into consideration that I'm the one to request it and verify it. Nobody else involded.
 
Message: "Bitcoin Signature for Proof of funds "
Signature: H5g/Jc...<...>...P6Ty5=
Timestamp: 2024-08-22 15:00:00

As for the verification part, since I'm acting as third party verification, Verifying should not be of any trouble as well? Still doable on Electrum. In this part, I would need an address, a signature and the exact message. The valid signature pop up should clear any concerns regarding ownership?

[ranochigo]

I appreciate your thoughts, What should be an ideal message example? Something like this maybe? Do take into consideration that I'm the one to request it and verify it. Nobody else involded.
 
Message: "Bitcoin Signature for Proof of funds "
Signature: H5g/Jc...<...>...P6Ty5=
Timestamp: 2024-08-22 15:00:00

Not exactly sure what's the intent and the purpose of your message and I'd go with what I would request to be signed typically. The message would typically be:

"This Bitcoin Message is signed on 2024-08-22 at 1500 Hours UTC+1. This message proves that I, AzizLeBG is in control of the funds and the address as of this time to facilitate the transaction between XX and XX on 2024-08-23."

You should be clear on the purpose of the message, and the timestamp to ensure that no one else would be able to reuse your signed message for other purposes. Bitcoin Signature for Proof of Funds is way too generic and can easily be reused.

As for the verification part, since I'm acting as third party verification, Verifying should not be of any trouble as well? Still doable on Electrum. In this part, I would need an address, a signature and the exact message. The valid signature pop up should clear any concerns regarding ownership.

No, but you should understand that having a signed message doesn't necessarily mean that they would send you the funds in the future. ie. I can borrow 2BTC from someone else, sign the message and send them back. This doesn't guarantee that they would commit to the transaction.

[nc50lc]

So Electrum is my best option in this case? It has a built in feature and is a pretty old and known wallet. Also, as always in a safe environment.

Electrum would be your best option because it has its famous implementation of message signing with SegWit addresses that's compatible with other clients
whilst other famous clients like Bitcoin Core still haven't set a standard aside from legacy address.
It will fail to sign and verify message signed with P2SH or native SegWit.

There are other similar clients to Electrum like Sparrow but those aren't as old as Electrum if being old is a criteria.

[AzizLeBG]

Not exactly sure what's the intent and the purpose of your message and I'd go with what I would request to be signed typically. The message would typically be:

"This Bitcoin Message is signed on 2024-08-22 at 1500 Hours UTC+1. This message proves that I, AzizLeBG is in control of the funds and the address as of this time to facilitate the transaction between XX and XX on 2024-08-23."

You should be clear on the purpose of the message, and the timestamp to ensure that no one else would be able to reuse your signed message for other purposes. Bitcoin Signature for Proof of Funds is way too generic and can easily be reused.

As for the verification part, since I'm acting as third party verification, Verifying should not be of any trouble as well? Still doable on Electrum. In this part, I would need an address, a signature and the exact message. The valid signature pop up should clear any concerns regarding ownership.

No, but you should understand that having a signed message doesn't necessarily mean that they would send you the funds in the future. ie. I can borrow 2BTC from someone else, sign the message and send them back. This doesn't guarantee that they would commit to the transaction.
[/quote]

Perfect, thank you all! I learned a lot. This sure is the higher leagues! But yea, Commitment can never be guaranteed.

[hd49728]

So Electrum is my best option in this case? It has a built in feature and is a pretty old and known wallet. Also, as always in a safe environment.

Electrum and Bitcoin Core are good wallets, non custodial, open source and there are other wallet softwares that are good too.

If you are unsure, you can check wallets with
https://walletscrutiny.com/ check whether a wallet is open source (reproducible or not).
https://bitcoin.org/en/choose-your-wallet choose wallets for your needs.

Any wallet software you want to download and use, verify what you download.

[Guide] Verify and download Electrum wallet
The paranoid user's security guide for using Electrum safely.

Bitcoin Core wallet has guides to verify your download too.

If you want a safe environment, try to use Linux, not Windows.

[odolvlobo]

Not exactly sure what's the intent and the purpose of your message and I'd go with what I would request to be signed typically. The message would typically be:

"This Bitcoin Message is signed on 2024-08-22 at 1500 Hours UTC+1. This message proves that I, AzizLeBG is in control of the funds and the address as of this time to facilitate the transaction between XX and XX on 2024-08-23."

In other words, the message should be very specific so that it can't be used for some other purpose or by someone else. If you are asking someone to provide a signed message, it is a good practice to require them to include specific text provided by you that is unique to the current transaction. That prevents the signer from reusing a signature. The signer should be allowed to include text of their choice for the same reason.

Also, it is a common mistake to believe that a signature proves that a statement is true or accurate. Anyone can sign a statement claiming to be Satoshi with the date 2009-01-03.

[LoyceV]

I'm currently in the transaction facilitation industry

Well, based on your posts: you shouldn't be. You'll either get scammed, or you'll scam someone else.

I was looking to fill an order of a buyer of mine.

Who is this "buyer" who trusts someone who uses chatbot diarrhoea to pretend he knows what he's talking about?

I have been surfing threw multiples forums of people arguing over this topic.

Which forums? Please share the links!

do it on exchanges
~
It can be done on ~ some other exchanges.

You have no idea what you're talking about. Normally, that's okay when asking questions on the tech board, but in this case, I think you're the wrong guy for the job. If there is such a thing.

One of the prerequisites of the transaction is to ask for a Signature Message proving the other party owns their BTC Coins.

So Electrum is my best option in this case?

Are you the one signing or verifying the message?