bitcoindevkit / bdk

A modern, lightweight, descriptor-based wallet library written in Rust!

Feature Proposal: BIP322 message signing #989

Open f321x opened 1 year ago

f321x commented 1 year ago

Describe the enhancement
https://github.com/bitcoin/bips/blob/master/bip-0322.mediawiki

Use case

In Switzerland it's possible to offer exchange services (buy/sell) up to ~900€/d without extended KYC (they only get the IBAN obviously). These services are available to all EU citizens (SEPA net) and are one of the preferred ways of bitcoiners in the EU to stack sats (besides p2p). These services need to (by law) verify the ownership of the address of the user (through message signing). They mostly either build their own apps (e.g. Relai) which do it in the background, or let the user do it manually with their preferred wallet (e.g. Pocket Bitcoin). It would probably be much easier for the exchanges to build good wallets with simple UX with BDK if it supported message signing. Also, wallets built on BDK could support manual message signing so users can use the wallet to take custody/buy on these exchanges.

**Additional context**

There are maybe other relevant use cases of message signing I'm not aware of. More use cases listed here: https://hackmd.io/KR5ALrSSQO6eyrnUBJreeA

notmandatory commented 1 year ago

Thanks for the detailed use case info, it sounds like a useful feature to add.

notmandatory commented 1 year ago

This bdk-reserves module for bdk-cli implements functionality inspired by bip-322; it could be a good starting point for working on more general message signing for BDK.

https://github.com/bitcoindevkit/bdk-reserves

moneyball commented 1 year ago

Be aware of the controversy surrounding this and why Trezor and Blue Wallet reversed course. It seems the BDK project should study this to make sure there is comfort in supporting it.

https://blog.trezor.io/a-decision-on-aopp-789540c2930b

https://github.com/BlueWallet/BlueWallet/pull/4431

notmandatory commented 1 year ago

@moneyball, thanks for the background. Based on the arguments in the above links I don't support adding this as a feature to BDK.

Sosthene00 commented 1 year ago

Just for the sake of completeness, other BIP322 message signing use cases I'm aware of:

  1. block signing for a signet
  2. SLIP-0019 style proof of ownership (used to safely sign coinjoin transactions with hardware wallet)

I don't think BDK would ever be used for 1; as for 2, it could be useful if someone's using BDK in a hardware wallet.

f321x commented 1 year ago

Just for clarification: the article/controversy linked by @moneyball was about AOPP, which is a protocol to automatically sign the message without the user actively interacting. This needs BIP322 I guess but is another thing built on top. Trezor and BlueWallet, for example, both removed AOPP but still support manual message signing (BIP322).

Btw imo AOPP is actually pretty useful but the controversy was unfortunately fueled mostly by people not using these services (non-EU citizens). My practical experience is that manual message signing is much too confusing for non-technical newcoiners so they stick with custodial casinos instead of using the non-custodial bitcoin-only exchanges just due to these circumstances.

moneyball commented 1 year ago

Thanks for the clarification @f321x

f321x commented 1 year ago

https://hackmd.io/KR5ALrSSQO6eyrnUBJreeA

Found a well-researched list of BIP322 use cases, TLDR:

  - Use Case 1: AML/KYC/PII Verification
  - Use Case 2: Liquidity Advertisements for Lightning Channels
  - Use Case 3: Decentralized Social Identity
  - Use Case 4: Multisig Proof of Keys
  - Use Case 5: Decentralized Identity Document Integration
  - Use Case 6: Quasi-Proof of Reserves

thunderbiscuit commented 1 year ago

General-purpose message signing is a useful feature IMO, and BIP-322 looks like the current standard for achieving that.

Linking here other issues/PRs because this has been a long-standing request (originally in ffi, then moved up in bdk-rust, but without applying BIP-322):

  1. https://github.com/bitcoindevkit/bdk/pull/601
  2. https://github.com/bitcoindevkit/bdk-ffi/issues/229
  3. https://github.com/bitcoindevkit/bdk-ffi/pull/139

Note also that bitcoin signing will be discussed at the next Blockchain Commons Gordian Developer Community call on June 11.

moneyball commented 1 year ago

More info on BIP 322 found here: https://bitcoinops.org/en/topics/generic-signmessage/

Has anyone implemented BIP 322 to prove it out or would BDK be first? Is there developer consensus on the approach to sign multiple address types? If there is not consensus, then I think it is important for the developers choosing to work on this in BDK to realize they're also signing up to possibly tackle design problems and gaining developer consensus on an approach. See here: https://bitcoinops.org/en/newsletters/2022/07/27/#multiformat-single-sig-message-signing

f321x commented 1 year ago

It's implemented in python-bitcoinlib iiuc: https://github.com/petertodd/python-bitcoinlib/blob/master/examples/sign-message.py

moneyball commented 1 year ago

That looks like it is 6-8 years old? So wouldn't cover taproot or segwit :)

f321x commented 1 year ago

I think only the linked example is 6 years old, tried it with a segwit key and it worked but idk if it's BIP322 conformant (can't find any reference to it).

Also tried this but the generated signatures seemed invalid: https://github.com/LegReq/bip0322-signatures

bumi commented 7 months ago

Is there an update on this? Will this become possible? It would allow wallet apps to implement those onramp solutions.