On Thu, 03 Aug 2017 16:24:05 +0900, NIIBE Yutaka wrote: > Stefan Claas <stefan.cl...@posteo.de> wrote: > > I could imagine that no one will do this, because if you have no > > private key for "your" public address (according to your reply), > > you have no control of that address, like spending/ sending > > BTC from this address. > > Sorry about my vague description. > > As a subkey of 0x00B45EBD4CA7BABE, I have a key of secp256k1. And the > private key is controlled by me, on a Gnuk Token. But I have no > "wallet", yet. This is the situation. > > My idea was that we can use WoT of OpenPGP to check Bitcoin address. > It seems that people don't buy this idea.
Hi NIIBE-san, while reading a bit more on the Bitcoin Wiki and reading about Bitmessage papers etc. I would like to know from you and all other experts here on the list about some thoughts i have and what you think about this. First of all, inspired by your script i looked for an easy way to extract the secret key material of a GnuPG secp256k1 sub key, which works nicely with GnuPG, without the usage of a script or programming knowledge etc. With this secret key material everybody could create a valid Bitcoin address and when using two sub keys (like a signing and a encryption key one can also generate a Bitmessage key pair with the proper Bitmessage address. Usually pub keys with Bitcoin or Bitmessage are not seen by the user, afaik. Except a Bitcoin user would sign a message with it's secret Bitcoin key and the pub key would be derived from the address and the signature data. i tried also out educational open source software for Bitcoin signing and encryption and the interesting thing was that when a user likes to encrypt a message to another user the software looks up the blockchain and checks if there was a valid transaction done. If not the encryption fails. I tried also another .html based software for Bitcoin signing out and what i liked very much about this is that users can verify a signed Bitcoin message, without needing a public key from the communication partner in advance, nor does the software collects public keys, because it's not needed. Now my thoughts about this subject. Let's say i create a valid Bitcoin address from a secret GnuPG secp256k1 sub key and import the secret key material, which i have converted to a valid WIF secret key, into my Bitcoin wallet. Now if i buy officially some Satoshi from well known traders and transfer, as a registered user, from this account the Satoshi to my newly created GnuPG Bitcoin Address the transaction is in the blockchain. If then i would send from my valid GnuPG Bitcoin address some Satoshi to a valid gnupg.org Bitcoin address i would have donated (the modern way :-)) a bit to the GnuPG Foundation and it would appear also in the block chain and i think this could be then also a sign of proof that i'm the owner of a public key, without being in the Web of Trust. keybase.io users for example have the option to publish their Bitcoin address on their page as well. The second thought. I already have lot's of GnuPG public keys collected due to reading the mailing list or signed Usenet posts. Thanks to auto-key-retrieve on. If GnuPG would allow a user in the future to use an additional flag, when signing with a secp256k1 sub key, which would produce signatures that would work like Bitcoin key signatures, users would not need to collect a ton of public keys and the signature would verify. Well, i hope that my thoughts are not to crazy, but i really would like to hear the opinion from other members here. Best regards Stefan -- https://www.behance.net/futagoza https://keybase.io/stefan_claas
pgpPugYLOW6LF.pgp
Description: Digitale Signatur von OpenPGP
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users