How to demonstrate that you own a blockchain address
You may have heard about blockchain, blockchain addresses and private keys. It is good to learn how they relate to each other.
In essence, a Private key is a gigantic random number, Public key is derived from the Private key. Address is simply another, more human-friendly, way to write down the Public key.
ECC, an alternative technique to RSA, is a powerful cryptography approach. It generates security between key pairs for public key encryption by using the mathematics of elliptic curves.
Blockchains operate by signing transactions with ECSDA private keys. This is the essence of blockchain security, as only owner of some address can produce valid ECDSA signatures associated with this address.
Signing arbitrary messages
Now when you know blockchains work with ECDSA signatures, let’s learn how to sign arbitrary messages with ECDSA private key in the Peercoin web wallet.
Message signing process where a person proving the identity or ownership of the address is signing the text message with their private key and providing the interested party with the computed signature, which can be checked against their public key.
Let’s sign an arbitrary message. I will sign “Hello world! 26.09.2022” using the wallet.peercoin.net.
This resulting signature is demonstrably associated with the address. Nobody who does not have the ownership of the private key behind this address can produce such a signature.
You can verify this, using the Peercoin-qt wallet. Unfortunately the light, flutter wallet is not yet able to do so.
As you can see the message is verified, we know for sure that someone who owns address PSf9AkDWSjvySLnmMPka6RbyuDbYuqSJBC has written this message and signed it with their private key.
This process can be used to prove that someone has ownership over some address. For example, a merchant has to issue a refund to a customer. In order to prevent awkward situations (can’t reverse payment on a blockchain) it is best that merchant asks the customer to prove the ownership of the address they want to use for the refund.
Proof-of-Identity and verification of the address owner
This concept is based on a very old idea of mine, Peerassets-based PoID protocol.
This proposal tries to come up with an elegant solution to the problem of matching the “real life” identity of a person with an address on the blockchain by verifying that specific public key (address) is in control of person X.
Proof of identity verification process trusts the social media sites to force the user to use their true identity. Source of truth about identity of some key owner would start with some social media company, say Twitter. On Twitter this person would post a message announcing that they own a specific address and a message signature. Protocol-aware client would be able to detect this and use the information it to validate signatures and associate with some identity.
Chain of trust is simple, if you trust that I control the Twitter account “@peerchemist”, you can trust that I own this very address if you verify my message and signature using your Peercoin-QT client.