A well-known limitation with Bitcoin Core is that you cannot use the software to sign segregated witness (segwit) addresses, in other words, pay-to-script-hash (P2SH) addresses that begin with “3” or “bc1”. And if you cannot sign a message and ask someone else to verify it, it is very difficult to unambiguously prove control of a public address.
This is quite unsatisfactory, given that there are so many upsides to using segwit addresses over old legacy addresses (those that begin with “1”); one of the main reasons is that using segwit addresses significantly decreases transaction fees.
There are a number of online services that offer signing services, but all these come with the intrinsic problem that during the process you must disclose your private key, which is something you never want to do online (why we will not publish links to any such webpage). A good rule-of-thumb is that your private keys should never be transferred over any network. Private keys should be used for offline calculations only.
So, how can we – this page – definitely prove that we control our segwit address 3BTCLeakpiTWc1A78mSsxh8WJn7yRhQon3?
There are quite a number of Python libraries on GitHub you could use. In this post, however, we will demonstrate an even simpler solution that requires no coding skills and works on Windows, Mac, and Linux.
If you don’t have it already, download and install our favorite wallet software Electrum, and make sure you are downloading it from the proper page electrum.org and no other source. The portable versions work just as well and may even be preferred since they are easily deleted without leaving a trace on any platform.
In Electrum, create a new wallet and import the private key for the public segwit address you need to prove ownership of. In the GUI, simply select Tools and Sign/Verify Message. To prove ownership over an address, sign a short message with it. It must be a message that you are willing to share. Simple enter the message in the Message box, the public address in the Address box and click “Sign”. It will populate the Signature box with the signed message, which is the string you will use together with the public address and message to prove control. Note that Electrum will give you an error if you try to sign a message for a public address with an unknown private key – this is the desired behavior and ensures that you cannot claim to control public addresses for which you don’t have the private key.
Our public segwit address is:
Our message is:
This address belongs to btcleak.com
Our signature is:
Copy and paste these three strings into Electrum, make sure there are no unintended spaces, linebreaks, or other characters, and click “Verify”.
It says “Signature verified” – right? We have now proven that we control 3BTCLeakpiTWc1A78mSsxh8WJn7yRhQon3, and we have done so without disclosing our private key to the recipient or any online service.
You can do the exact same thing with your segwit addresses to prove without a doubt that you control them.
(For paranoid level security, use this function in Electrum with the network turned off, delete the wallet and maybe even Electrum itself but save the message and signature before turning the network back on again.)
Comments or questions?
One more thing!
Consider the donation address at the bottom of the page. We re-invest all contributions into new projects for btcleak.com. Help us create new content and remain ad-free forever. Thank you.