Example: Ensuring Secure Cosigning
🔐 Imagine you have a wallet descriptor listing this cosigner's xpub:
xpub6EDJac9G93fFKuJsXRfBwJ45APnGTg4VwqEHmaLTrfXy18QzMSRiRVxcTdKhhpKNPPdo6Ct3j9xte8ciuLYxHYdLvixXqpHpDg8x5JfNn4k
🗳️ You ask your cosigner to sign a message, "Forever, Laura.", using a key derived from their corresponding xprv with the path /0.
🔍 You calculate the public key: 039a23c735abd0610aaf89fe356a860b65545c571bdaece7a82260e5f207a77185.
💰 And from this, you obtain the Bitcoin address: 1LrH1NQb5HeXffFtpuXNkHZavyXjt57VFX.
🛡️ Your cosigner's wallet software (Sparrow, Nunchuk, Coldcard, SeedSigner, or others) derives the private key using the full path, e.g., m/48'/0'/0'/2'/0, and uses the resulting private key to return this signature:
IM9MYx4E94xyXFTDRPf5W4+RdOpw11b28jCq1yq4ctcoVXpGexSfrlC0KqYjay7erZ4PjX1mlFKpINzk2YqPGVU=
🔍 You verify this signature and gain reassurance that your cosigner is ready to stand by you.
🔗 Try it out and easily verify a signature at https://checkmsg.org/
David Pinkerton
npub1jz…aaju6
2023-11-06 12:01:52
in reply to nevent1q…hq2n
Author Public Key
npub1jz0rlhp9ngs3at2kfhzcnc62sxh0y9rxt40x3z003wmdguljky9quaaju6Published at
2023-11-06 12:01:52Event JSON
{
"id": "8f1c3e0706f565a811064f2124b16def26bf2d3cfa7499fa02d595d99c353951",
"pubkey": "909e3fdc259a211ead564dc589e34a81aef214665d5e6889ef8bb6d473f2b10a",
"created_at": 1699272112,
"kind": 1,
"tags": [
[
"e",
"db18edab21d60d813163de7567d0f6b3da738089892caf557672ad250e00d393",
"",
"root"
],
[
"e",
"86a79ba28aa3adafe928bd92529f465ee28d04e94223cffd203743d8f9b0ca60",
"",
"reply"
],
[
"p",
"909e3fdc259a211ead564dc589e34a81aef214665d5e6889ef8bb6d473f2b10a"
],
[
"r",
"https://checkmsg.org/"
]
],
"content": "Example: Ensuring Secure Cosigning\n\n🔐 Imagine you have a wallet descriptor listing this cosigner's xpub:\n\nxpub6EDJac9G93fFKuJsXRfBwJ45APnGTg4VwqEHmaLTrfXy18QzMSRiRVxcTdKhhpKNPPdo6Ct3j9xte8ciuLYxHYdLvixXqpHpDg8x5JfNn4k\n\n🗳️ You ask your cosigner to sign a message, \"Forever, Laura.\", using a key derived from their corresponding xprv with the path /0.\n\n🔍 You calculate the public key: 039a23c735abd0610aaf89fe356a860b65545c571bdaece7a82260e5f207a77185.\n\n💰 And from this, you obtain the Bitcoin address: 1LrH1NQb5HeXffFtpuXNkHZavyXjt57VFX.\n\n🛡️ Your cosigner's wallet software (Sparrow, Nunchuk, Coldcard, SeedSigner, or others) derives the private key using the full path, e.g., m/48'/0'/0'/2'/0, and uses the resulting private key to return this signature:\n\nIM9MYx4E94xyXFTDRPf5W4+RdOpw11b28jCq1yq4ctcoVXpGexSfrlC0KqYjay7erZ4PjX1mlFKpINzk2YqPGVU=\n\n🔍 You verify this signature and gain reassurance that your cosigner is ready to stand by you.\n\n🔗 Try it out and easily verify a signature at https://checkmsg.org/",
"sig": "d81ecfee225180eacba7b8c5f743b4ce5f01c65fb0680cf1e246e7c162e69bf64f966f4ce0f88a635f8f4710640f4a933728169ab92cb68561828604e679150b"
}