Digital signatures with Decrediton

2 minute read

Decrediton may be used to sign and verify digitally signed messages using Decred key pair. This verification is useful to prove than an address (public key) belongs to a user. The signing process does not write any information in the blockchain.

To learn more about digital signatures, read Verifying digital signatures.

The version of Decrediton shown in this article is 1.1.3.

1. Objective

Digital signatures are useful in the following scenarios:

  • Scenario 1: People that need to document in an agreement the ownership of a valid address belonging to whom is signing the document
  • Scenario 2: A customer purchased a product on a website and now needs to prove to the seller that he owns that address

The next steps were executed on a Decrediton running on macOS and another running on Debian Linux, both connected to Testnet. Learn more about the testing environment in Testing Decred on Testnet. The scenarios are connected to the exercises shown in Sending and receiving DCRs via Decrediton.

2. Scenario 1: document a receiving address not used yet

Public address generation

The first step is the generation of a public address on the same wallet that will sign the message.

Figure 1 - Bob generates a receiving address
Figure 1 - Bob generates a receiving address

Signing process on Decrediton

The signing process requires the following information:

  • Address: A public address generated by the same wallet
  • Message: A message agreed upon with the other party to prove the ownership of the wallet
  • Passphrase: The wallet’s passphrase that will be used to “unlock” the private key and encrypt the hash of the message

The “signature” is the result shown in blue box.

Figure 2 - Bob signs a message with a text agreed with the other party
Figure 2 - Bob signs a message with a text agreed with the other party

Verification process on Decrediton

For the other party to be able to verify the digital signature it will require:

  • Address: The same address used before
  • Signature: The signature generated in the blue block in figure 2
  • Message: The same message used before

Figure 3 - Alice verifies that Bob owns the address
Figure 3 - Alice verifies that Bob owns the address

If an invalid address is inserted Decrediton will complain that the address in invalid because is is not compatible with the specified format for addresses.

Figure 4 - An invalid address is used
Figure 4 - An invalid address is used

If a valid address is inserted, but one that doesn’t belong to the wallet signing the message, Decrediton will let the user know that the address could not be found.

Figure 5 - A valid address is used, but which doesn't belong to Alice's wallet
Figure 5 - A valid address is used, but which doesn't belong to Alice's wallet

Online verification

It is also possible to use a web browser to verify a signed message. With the same parameters as before, any user in any device can verify that an address belongs to a specified user.

Figure 6 - Alice verifies that Bob is the owner of that address
Figure 6 - Alice verifies that Bob is the owner of that address

3. Scenario 2: proving ownership of an address after sending

In this scenario Alice already sent 0.1 DCR to Bob. Now Alice wants to prove she owns the sending address.

Figure 7 - Who sent the transaction to Bob's wallet?
Figure 7 - Who sent the transaction to Bob's wallet?

Locate the transaction

Figure 8 - Alice, who sent 0.1 DCR to Bob, locates the transaction
Figure 8 - Alice, who sent 0.1 DCR to Bob, locates the transaction

Open the transaction

Figure 9 - Alice opens the transaction
Figure 9 - Alice opens the transaction

Locate and copy the sending address

Figure 10 - Alice locates the sending address in the transaction
Figure 10 - Alice locates the sending address in the transaction

Sign the message

Figure 11 - Alice signs a message proving she is the owner of the sending address
Figure 11 - Alice signs a message proving she is the owner of the sending address

Send the signature to the other party.

Signature verification

Figure 12 - Bob verifies the message was signed by Alice
Figure 12 - Bob verifies the message was signed by Alice