I'm curious, what is your perceived difference between signing a message and moving coins to determine "proof of control"? ???
Slightly off-topic, but this question evokes a subtly different, easily confusable related point that I think should be discussed elsewhere. And it’s not entirely OT, insofar as I don’t think it’s uncommon for people on this forum to use messages signed by “stake” addresses to prove
ownership of coins (in contradistinction to technical
control of coins).
The
argument advanced by various Core developers against reliance on signmessage to prove
ownership (as opposed to control) of UTXOs is:
Owning money and having access to private keys that can spend coins are independent concepts. Exchanges have private keys for UTXOs money they hold on behalf of their customers. They can clearly sign messages using those keys, but they certainly don't own all those coins.
I respectfully disagree with sipa, luke-jr, and others so stating (and I should probably say so on that issue). I argue strictly that
control of the private keys equals title to the Bitcoin, period; and it is dangerous to blur a rule logically inherent in the nature decentralized, trustless, permissionless cryptographic money.
If you are a custodial exchange, etc., then you may be holding title to that Bitcoin as a nominee, or (quite arguably) a bailee, or some other legal concept which may be logical to apply. However, account-holders at custodial exchanges are
not the titular owners of any Bitcoin at all, in my opinion.
If you don’t have the private keys, then it is not your Bitcoin: It is somebody else’s Bitcoin; and that somebody else, the titular owner of the Bitcoin, has contractually agreed to let you excercise
beneficial ownership of some sort.
So many ills of this world result when ownership is divorced from control. (Aside, don’t get me started on how the separation of ownership, control, and responsibility is a major factor in the widespread corruption of modern corporations.) Don’t do that with Bitcoin.
In my analysis,
ownership is fully congruent with the use of digital signatures to
control money in a decentralized, trustless, permissionless system; and legal agreements outside the four corners of Bitcoin script are properly compartmented where they belong, in the realm of legal contracts and the legal enforcement thereof.
(
N.b. that the same argument applies to theft: A thief who uses wrongful means to obtain title is still holding titular ownership, and will continue to do so unless recovery is effectuated by avoiding the improperly obtained title. By analogy, consider a criminal who uses forgery, coercion, or fraud in the factum to wrongfully obtain a deed to lands—although that deed would probably be adjudged
absolutely void, not merely
voidable, whereas a Bitcoin transaction is only
absolutely void if a blockchain reorg retroactively invalidates it.)
Of course, the moving of coins is little different than signmessage in this aspect: A custodial exchange (etc.) can spend UTXOs to its own addresses, just as you can to yours.
