Prototyping OpenPGP extensions/signing arbitrary packets

Peter Todd pete at
Fri Apr 4 10:46:32 CEST 2014

I'm working on prototyping a new OpenPGP user attribute to allow users
to tie Bitcoin addresses to their OpenPGP identities. The goal is to
allow the WoT to be used as a means of ensuring that a Bitcoin payment
goes to the intended recipient. For instance if I wanted to give funds
to Werner Koch my wallet software could extract the address(1) from his
OpenPGP, itself verified by the WoT, and pay to that address.
Additionally I were using a multifactor/multisig wallet where spending
my funds required signing the payment on multiple machines, perhaps my
main desktop and a secure air-gapped laptop, the second machine could
also verify where the funds were going by the same OpenPGP key/WoT.

For my prototype I have a small Python program that generates the user
attribute with version of the python-pgpdump library, modified by me to
create packets as well as decode them. However to actually sign the
packet it seems the only possible way is to import the key with
--allow-non-selfsigned-uid option and use the --expert option to
override the normal restriction on signing non-selfsigned UIDs.

GPGME appears to be the only interface to the GnuPG engine, and it's too
high-level to be able to sign arbitrary packets or hashes. Is there
another way to do this that I've missed?

1) While standard Bitcoin addresses are not meant to be reused for
   privacy reasons, I'm also simultaneously working on a new address
   standard - Stealth Addresses - for which address re-use does not harm

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: Digital signature
URL: </pipermail/attachments/20140404/e6deb0fa/attachment.sig>

More information about the Gnupg-devel mailing list