Some services (e.g. Brokers and Exchanges) require a digital signature to prove you control the private key belonging to a Bitcoin address. Conceptually, this is similar to signing a Bitcoin transaction, but instead of an actual transaction, you're just signing a simple text message. Because your private keys always remain safe on the BitBox02, you will need to confirm signing this message directly on your device.
A signature like this allows the service to verify you control the private key of the address, but that's it. Just like with regular transactions, they do not learn anything about your private key or other information about your wallet.
The BitBoxApp supports the AOP protocol (AOPP), making the process of signing messages seamless and easy to understand. However, not all services support AOPP, requiring you to create the signature manually using external wallet software. To do this, we will use Sparrow Wallet. Check out our blog post to find out how to set up your BitBox02 with Sparrow Wallet.
Getting ready
Before we start, make sure you have the receive address you would like to use with the service at hand, as well as the message the service has provided you.
The message might look something like this, make sure not to change anything in it:
I confirm that I am the sole owner of this Bitcoin address. Order reference 1bd973455f.
It may help to prepare this information by copy and pasting it into a text document, to make the next step a bit easier.
Signing a message
Once you have imported your BitBox02 wallet in Sparrow, get started by opening the sign message tool (Tools → Sign message or by hitting Strg + M).
A simple window with three empty fields will pop up:
From this point, the process is straight-forward: Paste the Bitcoin address into the first field and the message into the larger, second field.
Tip: Instead of copy and pasting the Bitcoin address, you can also just select it directly from the “Addresses” tab in Sparrow. Simply right-click on the address and select “Sign/Verify message”. The same window will now appear with the address detail already filled out.
Again, make sure you don't make any changes to the message, otherwise the signature will be meaningless to the service you create it for.
You don't have to make any changes to the “Format” section. Simply leave the selection on “Standard (Electrum)".
Now it's time for the actual signature. Click “Sign” and select your BitBox02, which you may have to unlock at this point. If you receive an error here, make sure the BitBoxApp is closed and replug your BitBox02. You can click “Rescan” to refresh the selection in Sparrow Wallet.
The BitBox02 will now display a verification prompt in three steps:
- The coin “Bitcoin”, since we sign a message for a Bitcoin address.
- The Bitcoin address itself, make sure to verify it against the address you have given to the service, just like you would with any other address you share with someone.
- The message itself, which you should also verify again, since you're about to sign it!
If everything looks good to you, hold to confirm, like with a regular transaction.
Don't forget: You're just signing a simple message, not an actual transaction. You can do this process as often as you like and with any message you want to. This does not affect your wallet or the Bitcoin you store on it.
Verifying the message
Now you're all set! The message has been signed, and the signature should appear in the third “Signature” field. Just for the sake of it, feel free to click “Verify” to check if the signature is valid.
You can now provide the signature to the service. It's easier if you use copy and paste for this, since there are a lot of random characters. Make sure not to change anything in the signature, otherwise it would be invalid.