How to Prove The Ownership of a Bitcoin Address
Recently, I was asked about proving the ownership of a specific address in the Bitcoin network. The obvious – but also worst – option is to show off your private key. Once it's given to the public, everyone can use your wallet to send away the funds. So, giving out the private key is not very good. I will show you how to prove it without showing off your private key!
Why Does Someone Want to Know the Ownership?
The first time I was asked the question, I questioned the reasons behind it. I have received several answers so far, all of which boil down to:
- Insurance against mix-up of the addresses
- Protection from abuse/fraud of the address
- Proof of owning the Bitcoins (at that address)
This is a small excerpt of a wider range of reasons. But let’s get our hands dirty on the proof.
How to Create the Proof of Ownership?
You will have to use your private key for this purpose. However, you do not want to show your private key. Without digging very deep into cryptography, it is possible to sign a message in the Bitcoin network. Actually, every single transaction must be signed by you in order for the funds of an address to be sent out! However, in the case of a message, we do not have an amount but the following elements:
- The message
- The address
- The signature
Only the combination of all three proves your ownership. Suppose you just used one signature per address. Then an attacker could steal your signature, since the address is public anyway, and could therefore present himself as the owner. So, the message is a very important part.
Electrum is a nice Bitcoin wallet and provides a tool to sign messages. To get to the tool, go to the menu bar, select “Tools” and then “Sign/verify message”. The image on the right depicts the menu.
A new window will pop up with several fields. You have to fill out only the message and address fields (1 and 2 in the image to the left). Actually, you only have to fill in the address because Electrum supports multiple addresses within a wallet. In other wallet software, the address might not even be editable, as it might not offer this feature.
Then press the “Sign” button (number 3) and Electrum will start to use the private key. Thus, you will be prompted for the password in case you have set one up for your private key. Afterwards, the field “Signature” will contain the unique signature for this message. Again, only with all three elements (the address, the message and the private key) can you create this signature.
Only the owner of the private key can create the correct signature for a message on an address!
How to Validate the Proof of Ownership?
After creating the signature, you can give it to everyone. It is not something which needs to be safely stored like the private key. Since you have used message, address and private key for signing, you will need message, address and signature for verification. You can use Electrum with the same tool as above and click on “Verify” to check the details. Now, that is often a little bit cumbersome in case you do not have Electrum. So, I suggest the page coinig.com to verify such a message.
In order to get hands on, I have signed an address of mine and you can check it with coinig.com:
- Address: 1BKjksejk7Jj46qyZZSyrUySo4uY2CywoG
- Message: CoinCoach is owner of this address!
- Signature: IAWuKc40F3MaGjKAvqZNgz2/E4RZ/p9vKaPQYAwiZxgoT++6lNMVaHJVaIlQvyV1NBbkP5DJZuEdXb8NIeHfb1Y=
All parts must be entered exactly as stated, and when clicking on “Verify” the page should look like the image below. And remember, no private key was exposed in proving my ownership of that address! Quite fascinating for me 😀 I hope I have adequately clarified how this works!
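What the Signature field contains and how the message is bound into it, as an added example that is not part of the original article or of Electrum's code: the Base64 value decodes to 65 bytes (a header byte plus the two ECDSA numbers r and s), and the wallet signs a double SHA-256 of the message behind a fixed prefix. The function and constant names are chosen here for illustration; the message and signature are the ones from the list above.

```python
import base64
import hashlib

# Order of the secp256k1 group; valid r and s lie in [1, N-1].
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
MAGIC = b"Bitcoin Signed Message:\n"

def compact_size(n: int) -> bytes:
    """Bitcoin's variable-length integer, used here as a length prefix."""
    if n < 0xFD:
        return bytes([n])
    if n <= 0xFFFF:
        return b"\xfd" + n.to_bytes(2, "little")
    if n <= 0xFFFFFFFF:
        return b"\xfe" + n.to_bytes(4, "little")
    return b"\xff" + n.to_bytes(8, "little")

def message_preimage(message: str) -> bytes:
    # Assumption: the wallet encodes the message text as UTF-8.
    data = message.encode("utf-8")
    return compact_size(len(MAGIC)) + MAGIC + compact_size(len(data)) + data

def message_digest(message: str) -> bytes:
    """Double SHA-256 of the prefixed message: the value that is signed."""
    return hashlib.sha256(hashlib.sha256(message_preimage(message)).digest()).digest()

def parse_signature(sig_b64: str) -> dict:
    """Decode the Base64 signature field and reject malformed input."""
    raw = base64.b64decode(sig_b64, validate=True)
    if len(raw) != 65:
        raise ValueError("expected 65 bytes, got %d" % len(raw))
    header = raw[0]
    if not 27 <= header <= 34:  # classic range: 27-30 uncompressed, 31-34 compressed key
        raise ValueError("unsupported header byte %d" % header)
    r = int.from_bytes(raw[1:33], "big")
    s = int.from_bytes(raw[33:], "big")
    if not (0 < r < N and 0 < s < N):
        raise ValueError("r or s out of range")
    return {"header": header, "recid": (header - 27) & 3,
            "compressed": header >= 31, "r": r, "s": s}

# Values copied from the article's example list.
PAGE_MESSAGE = "CoinCoach is owner of this address!"
PAGE_SIGNATURE = ("IAWuKc40F3MaGjKAvqZNgz2/E4RZ/p9vKaPQYAwiZxgoT++6"
                  "lNMVaHJVaIlQvyV1NBbkP5DJZuEdXb8NIeHfb1Y=")

if __name__ == "__main__":
    print(parse_signature(PAGE_SIGNATURE))
    print(message_digest(PAGE_MESSAGE).hex())
```

A verifier recovers the public key from r, s, the recovery id in the header and this digest, derives the address from that key, and compares it with the address given. Because the digest changes with every character of the message, a signature copied from one message cannot be reused for another.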