Digital signatures with Decrediton
Decrediton may be used to sign and verify digitally signed messages using Decred key pair. This verification is useful to prove than an address (public key) belongs to a user. The signing process does not write any information in the blockchain.
To learn more about digital signatures, read Verifying digital signatures.
The version of Decrediton shown in this article is 1.1.3.
1. Objective
Digital signatures are useful in the following scenarios:
- Scenario 1: People that need to document in an agreement the ownership of a valid address belonging to whom is signing the document
- Scenario 2: A customer purchased a product on a website and now needs to prove to the seller that he owns that address
The next steps were executed on a Decrediton running on macOS and another running on Debian Linux, both connected to Testnet. Learn more about the testing environment in Testing Decred on Testnet. The scenarios are connected to the exercises shown in Sending and receiving DCRs via Decrediton.
2. Scenario 1: document a receiving address not used yet
Public address generation
The first step is the generation of a public address on the same wallet that will sign the message.
Figure 1 - Bob generates a receiving address
Signing process on Decrediton
The signing process requires the following information:
- Address: A public address generated by the same wallet
- Message: A message agreed upon with the other party to prove the ownership of the wallet
- Passphrase: The wallet’s passphrase that will be used to “unlock” the private key and encrypt the hash of the message
The “signature” is the result shown in blue box.
Figure 2 - Bob signs a message with a text agreed with the other party
Verification process on Decrediton
For the other party to be able to verify the digital signature it will require:
- Address: The same address used before
- Signature: The signature generated in the blue block in figure 2
- Message: The same message used before
Figure 3 - Alice verifies that Bob owns the address
If an invalid address is inserted Decrediton will complain that the address in invalid because is is not compatible with the specified format for addresses.
Figure 4 - An invalid address is used
If a valid address is inserted, but one that doesn’t belong to the wallet signing the message, Decrediton will let the user know that the address could not be found.
Figure 5 - A valid address is used, but which doesn't belong to Alice's wallet
Online verification
It is also possible to use a web browser to verify a signed message. With the same parameters as before, any user in any device can verify that an address belongs to a specified user.
Figure 6 - Alice verifies that Bob is the owner of that address
3. Scenario 2: proving ownership of an address after sending
In this scenario Alice already sent 0.1 DCR to Bob. Now Alice wants to prove she owns the sending address.
Figure 7 - Who sent the transaction to Bob's wallet?
Locate the transaction
Figure 8 - Alice, who sent 0.1 DCR to Bob, locates the transaction
Open the transaction
Figure 9 - Alice opens the transaction
Locate and copy the sending address
Figure 10 - Alice locates the sending address in the transaction
Sign the message
Figure 11 - Alice signs a message proving she is the owner of the sending address
Send the signature to the other party.
Signature verification
Figure 12 - Bob verifies the message was signed by Alice