Bitcoin Message Tool - command-line signer & verifier

ORIGINAL TOPIC: Bitcoin Message Tool - command-line signer & verifier
AUTHOR: witcher_sense

D Introduction

Fully open-source CLI tool way De light weight to take sign and verify bitcoin messages. Bitcoin message na the most straightforward and natural way to take prove say na you get a particular bitcoin address without say you go need to reveal any of your information way De important well well.

This tool go follow particular things way dem describe for BIP137:

"...While dem no write BIP for how to take sign digital messages with Bitcoin private keys with P2PKH address , Na somehow simple process to understand , however as dem come introduce Segwit (both the one way De in the form of P2SH and bech32) addresses, E nor come clear how to take know if address na P2PKH, P2SH, or bech32 address . This BIP go propose standard signature format way go allow clients to fit differentiate all these address format from each other.

Abeg Keep am for mind say:

"because say this format get P2PKH keys, E de backwards compatible, but keep am for mind say some software get checks for dem header range and go report the new new segwit header type as error."

More info: https://github.com/bitcoin/bips/blob/master/bip-0137.mediawiki

Wallets way dey fully support BIP137 type of signature:

1) Trezor
2) Sparrow Wallet
3) Coldcard?
4) ...

This tool normally na just attempt to take understand how we dey use this standard.

D Installation matter

1)To take install with pip u go run:

Code:

pip install bitcoin-message-tool

You fit create virtual environment for this application then you go run am from there, for example make we use Poetry.

You go Create new folder (bmt na shorthand for Bitcoin Message Tool or you fit choose watin you like ):

Code:

poetry new bmt

Code:

cd ./bmt

You go Create new virtual environment:

Code:

poetry install

Code:

poetry shell

You go use this command Download the application from PyPi:

Code:

poetry add bitcoin-message-tool

To take run am from the terminal you go use this command:

Code:

python3 -m bitcoin_message_tool

When you don run the app without say wahala no de d arguments, you go see something like help message.

2) And, you go fit use dis command download the source code direct from GitHub:

Code:

git clone https://github.com/shadowy-pycoder/bitcoin_message_tool.git

or you fit fork the repo or you go down clone the forked version

You go Install requirements with this command:

Code:

pip install -r /path/to/requirements.txt

To take run application from the repo way dem fork or clone , you fit still use this code for under:

Code:

python3 /path/to/bmt.py -h

How to take use Bitcoin Message Tool

The doctest way we wan do so suppose give better idea about how to take sign and verify messages with this CLI tool:

Basic on how to take use am:

Code:

python -m bitcoin_message_tool -h

or

python bmt.py -h
usage: python3 bmt.py [-h] {sign,verify} ...

Bitcoin message signing/verification tool

positional arguments:
{sign,verify}

options:
-h, --help     show this help message and exit

Message signing:

Code:

python bmt.py sign -h
usage: python3 bmt.py sign [-h] -p -a {p2pkh,p2wpkh-p2sh,p2wpkh} -m [MESSAGE ...] [-d] [-v]

options:
-h, --help            show this help message and exit

Sign messsage:
-p, --privkey         private key in wallet import format (WIF)
-a {p2pkh,p2wpkh-p2sh,p2wpkh}, --addr_type {p2pkh,p2wpkh-p2sh,p2wpkh}
                        type of bitcoin address
-m [MESSAGE ...], --message [MESSAGE ...]
                        Message to sign
-d, --deterministic   sign deterministtically (RFC6979)
-v, --verbose         print prettified message

Example na : Non-deterministic signature for private key and p2pkh address way dem compress

Code:

$python bmt.py sign -p -a p2pkh -m ECDSA is the most fun I have ever experienced

PrivateKey(WIF): <insert private key here>

Please note that private key won't show up on the terminal.

Output:

Code:

Bitcoin address: 175A5YsPUdM71mnNCC3i8faxxYJgBonjWL
Message: ECDSA is the most fun I have ever experienced
Signature: IBuc5GXSJCr6m7KevsBAoCiX8ToOjW2CDZMr6PCEbiHwQJ237LZTj/REbDHI1/yelY6uBWEWXiOWoGnajlgvO/A=

The same output with -v/--verbose flag:

Code:

-----BEGIN BITCOIN SIGNED MESSAGE-----
ECDSA is the most fun I have ever experienced
-----BEGIN BITCOIN SIGNATURE-----
175A5YsPUdM71mnNCC3i8faxxYJgBonjWL

IBuc5GXSJCr6m7KevsBAoCiX8ToOjW2CDZMr6PCEbiHwQJ237LZTj/REbDHI1/yelY6uBWEWXiOWoGnajlgvO/A=
-----END BITCOIN SIGNATURE-----

Message verification:

Code:

python bmt.py verify -h
usage: python3 bmt.py verify [-h] -a ADDRESS -m [MESSAGE ...] -s SIGNATURE [-v] [-r]

options:
-h, --help            show this help message and exit

Verify messsage:
-a ADDRESS, --address ADDRESS
                        specify bitcoin address
-m [MESSAGE ...], --message [MESSAGE ...]
                        Message to verify
-s SIGNATURE, --signature SIGNATURE
                        bitcoin signature in base64 format
-v, --verbose         print full message
-r, --recpub          recover public key

Example: Message verification in verbose mode

Code:

python bmt.py verify -a 175A5YsPUdM71mnNCC3i8faxxYJgBonjWL \
> -m ECDSA is the most fun I have ever experienced \
> -s HyiLDcQQ1p2bKmyqM0e5oIBQtKSZds4kJQ+VbZWpr0kYA6Qkam2MlUeTr+lm1teUGHuLapfa43JjyrRqdSA0pxs= \
> -v

Output:

Code:

True
Message verified to be from 175A5YsPUdM71mnNCC3i8faxxYJgBonjWL

More examples and source code can be found here: https://github.com/shadowy-pycoder/bitcoin_message_tool

Tests with Sparrow Wallet

Let's verify a SegWit signature created with real wallet:

Result:

Make we verify one SegWit signature way dem Create with this tool:

D Result: