Current implementation of sign/verify is broken for SegWit and Bech32 addresses.

Please add the following reference to the use cases:


# Does show balances for addresses that are in cold storage?


>... is there any way for me in another country to confirm that what my 
>colleague views is actually accurate and correct?

Since they use Bitcoin Core, yes, there is a way to verify that they hold the 
addresses that they claim. Have them sign a message with each address that they 
claim to have the holdings on, using Bitcoin Core you can verify that they 
indeed have those addresses and check them on to find the 
current balance.

Only works in Bitcoin Core currently for addresses starting with a '1' (not 
Segwit addresses starting with a '3' and not Bech32 addresses starting with 
'bc1' - the developers are aware of this and I will remind them shortly.)

In Bitcoin Core, your transaction opposite goes to File -> Sign Message and 
signs any message with one of the holding addresses. Copy the message, address 
and signature and send to you via probably plain text format email is the 
easiest. Repeat for each additional address holding the balance of BTC that 
they are offering to sell.

In Bitcoin Core, you go to File -> Verify Message and key the details provided 
EXACTLY - spaces, new lines and all characters must be an EXACT match. Click on 
verify and voilĂ .

I prefer the form of signed message as follows (don't key the top and bottom 
bar rows for the message, just the contents and you can check this yourself, 
the bottom row is the signature). I like to key the address used for verifying 
as a part of the message but that is not strictly necessary:

    Something that I want to sign.


This contains all of the compact information necessary to verify the message.

Example of verified message:
![verified message][1]



Solution seems to be straight-forward, as noted in Issue# 

>And it would in theory be possible to make signmessage work for a P2SH-P2WPKH 
>address, in cases where the verifier knows the embedded pubkeyhash already. 
>But in that case you don't need "sign with a witness address" functionality - 
>*you could just sign with the embedded key (see validateaddress), and have the 
>verifier check that*.

>The point is to not further the misunderstanding that signmessage signs with 
>an address - it never did. It signs with a keyhash, and verify with a keyhash.

This is an important feature, there are few other ways to verify that an 
address is held. Note that the linked issue is not currently labeld GUI and 
probably could be - unless a new issue should also be opened?


Damian Williamson

bitcoin-dev mailing list

Reply via email to