Proving ownership of a cryptocurrency

Axel Hodler
Aug 8, 2017 · 3 min read

In a private conversation we recently discussed how an individual can prove whether he owns Bitcoin, e.g. to prove solvency.

The most common answer to the question is to have the user send a small amount of Bitcoin to an address of the validators choosing, thus proving control of the Bitcoin in question. While this process surely works it lacks a deeper understanding of how Bitcoin functions and, on top, incurs an unnecessary transaction and the resulting fees.

Every time someone attempts to spend Bitcoin he needs to provide a signed transaction, proving to the network that he is in fact in possession of the private key and thus the owner of the funds spendable by the address (derived from the public key). Using common wallet software the exact process will be mostly hidden from the user.

Besides signing spending transactions with our private key we are also able to sign arbitrary messages with our private key. In fact thats what Public-
key cryptography was used for long before Bitcoin to prove authenticity of a message. Signing an arbitrary message with a private key is not limited to
Bitcoin. It’s applicable to other cryptocurrencies as well. The following example uses Ethereum.

Using web3.js you can sign an arbitrary message programmatically

web3.eth.sign(web3.utils.sha3("Thanks for reading the article. Cheers Axel"), "0x38588822Bea476d5e1D56cFC9CE9781Fe5262196").then(console.log)
> 0x027d1dd45ab0eeee5803079086679a70d444a2d4ea7e8db221894977eabf8bfc
7486d6a9413e4a9aeddccf851ba7c2ea81835576b0afabbcfd62493ff0924ff400

The signature 0x027d1dd45ab0eeee5803079086679a70d444a2d4ea7e8db221894977eabf8bfc7486d6a9413e4a9aeddccf851ba7c2ea81835576b0afabbcfd62493ff0924ff400 the
address 0x38588822Bea476d5e1D56cFC9CE9781Fe5262196 and the message Thanks for reading the article. Cheers Axel can then be relayed to the validator for verification.

To verify the message the validator can e.g. use a form provided by etherscan.io.

Give it a try. In https://etherscan.io/verifySig enter the adress, the message signature and the message itself. Then hit Verify.

Try to replace Axel with Bob in the message above. And you get

Thus the signature protects the message integrity

Bitcoin Wallets such as Electrum offer the same functionality.

By creating the signature above we prove ownership of the private key and thus of the funds. Instead of writing an arbitrary message we can state

One issue arises when multiple companies or individuals share private keys and reuse the same address to prove solvency. A victim could then be tricked into believing an individual is solvent when in truth anyone in the group of the private key holders could siphon off the coins at any time.

We need a way to prove only one individual has access to the private key.

This is impossible

Even if he moves all funds to a new address and thus a new private key, there is no way for him to prove he has not shared the key with someone else or whether his key was stolen right after its generation due to someone having unauthorized access to his physical device where the key is stored.

Of course a similar problem exists outside of the blockchain. Say a customer uses Two-factor authentication to create a transaction with his online banking provider. He needs the password for the website of the banking provider and a physical device (e.g. phone) where he will be sent a TAN to confirm the transaction. If he loses both access to the phone and the credentials for his online banking an attacker will be able to create transactions with his account. Of course the banking provider knows its customer and thus who is the rightful owner of the account.

Thus to solve the issue of proof above we need to introduce a trusted intermediary. Something a public blockchain was introduced to avoid in the first place. The basic idea of a blockchain is to have consensus without trust.

Nevertheless the trusted intermediary, maybe a banking provider or a notary, can take care of the attestation and attest the following if authorized institutions are asking

The statement can be encoded in a Bitcoin Transaction, which in turn requires someone attesting the attestor, or listed on a website, which is, hopefully, under the control of the attesting instance.

Whether the practice of attestation is a good thing has to be evaluated by the participating individuals.

Hopefully the article did shed some light on the problem of proving who controls the funds on a specific Bitcoin address.

YOPITER

YOPITER GmbH Stuttgart IT and Software Development Blog

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch

Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore

Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store