Bitcoin private key from GnuPG secp256k1 secret key?
stefan.claas at posteo.de
Sat Aug 26 07:39:10 CEST 2017
On Thu, 03 Aug 2017 16:24:05 +0900, NIIBE Yutaka wrote:
> Stefan Claas <stefan.claas at posteo.de> wrote:
> > I could imagine that no one will do this, because if you have no
> > private key for "your" public address (according to your reply),
> > you have no control of that address, like spending/ sending
> > BTC from this address.
> Sorry about my vague description.
> As a subkey of 0x00B45EBD4CA7BABE, I have a key of secp256k1. And the
> private key is controlled by me, on a Gnuk Token. But I have no
> "wallet", yet. This is the situation.
> My idea was that we can use WoT of OpenPGP to check Bitcoin address.
> It seems that people don't buy this idea.
while reading a bit more on the Bitcoin Wiki and reading about
Bitmessage papers etc. I would like to know from you and all
other experts here on the list about some thoughts i have and
what you think about this.
First of all, inspired by your script i looked for an easy way to
extract the secret key material of a GnuPG secp256k1 sub key,
which works nicely with GnuPG, without the usage of a script
or programming knowledge etc.
With this secret key material everybody could create a valid Bitcoin
address and when using two sub keys (like a signing and a encryption
key one can also generate a Bitmessage key pair with the proper
Usually pub keys with Bitcoin or Bitmessage are not seen by the
user, afaik. Except a Bitcoin user would sign a message with
it's secret Bitcoin key and the pub key would be derived from
the address and the signature data.
i tried also out educational open source software for Bitcoin signing
and encryption and the interesting thing was that when a user
likes to encrypt a message to another user the software looks up
the blockchain and checks if there was a valid transaction done.
If not the encryption fails.
I tried also another .html based software for Bitcoin signing out and
what i liked very much about this is that users can verify a signed
Bitcoin message, without needing a public key from the communication
partner in advance, nor does the software collects public keys,
because it's not needed.
Now my thoughts about this subject.
Let's say i create a valid Bitcoin address from a secret GnuPG secp256k1
sub key and import the secret key material, which i have converted to
a valid WIF secret key, into my Bitcoin wallet. Now if i buy officially
some Satoshi from well known traders and transfer, as a registered user,
from this account the Satoshi to my newly created GnuPG Bitcoin Address
the transaction is in the blockchain. If then i would send from my valid
GnuPG Bitcoin address some Satoshi to a valid gnupg.org Bitcoin address
i would have donated (the modern way :-)) a bit to the GnuPG Foundation
and it would appear also in the block chain and i think this could be
then also a sign of proof that i'm the owner of a public key, without
being in the Web of Trust. keybase.io users for example have the
option to publish their Bitcoin address on their page as well.
The second thought. I already have lot's of GnuPG public keys collected
due to reading the mailing list or signed Usenet posts. Thanks
to auto-key-retrieve on.
If GnuPG would allow a user in the future to use an additional flag,
when signing with a secp256k1 sub key, which would produce
signatures that would work like Bitcoin key signatures, users would not
need to collect a ton of public keys and the signature would verify.
Well, i hope that my thoughts are not to crazy, but i really would like
to hear the opinion from other members here.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 506 bytes
Desc: Digitale Signatur von OpenPGP
More information about the Gnupg-users