September 15 2015 6:04 AM, "Luke Dashjr" <l...@dashjr.org> wrote: > I think probably the whole signed message thing needs to be rethought. The > most common "uses" today seem to be insecure cases that it doesn't actually > work in: people trying to prove ownership of bitcoins and/or that they sent > bitcoins (current signed messages can do neither). Ideally, whatever the new > method is should also avoid using the same key as for signing transactions, > since the public key is technically private information. Furthermore, since > addresses are semi-deprecated (by the payment protocol), I'm not sure it > makes sense to do this without designing an entire authentication system, > which may be rather complex. > > Luke
My proposal is about the current signing process (which exists event it it's not perfect) but it could also work with a new signing message system tomorrow. It more about give users an easier way to access existing tools than the "sign message thing" itself. BTW I'm aware of privacy issues, but could you elaborate on why the use case your are referring to doesn't actually work? Here are a use of bitcoin signatures ( https://bitcointalk.org/index.php?topic=497545.0 ) to speak about a real case. -- Arthur _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
