Built-in Identity Proofing

Posted on March 18, 2013


A gentle reminder that trust is becoming a game of many layers, as a good-reputation borrower has his forum account hacked. The compromised account reputation was used to request BTC in a simple way – but really only the first layer of trust was compromised.

Deeper levels of trust were used to quickly invalidate the message (that is, someone phoned the guy to check), but even then it’s difficult to establish the validity of the verification message (what if a fake message said the original message was legit?)

Verifying identity with bitcoin-qt

Verifying identity with bitcoin-qt

In the thread, psy then points out that the Bitcoin-qt client has its own in-built message verification. Because Bitcoin is based on PKI you can use public addresses just like public keys, and validate messages signed by other people’s private keys. In other words, your address isn’t just a place to keep numbers, it’s a place to validate any set of numbers and letters.

People like to focus on the fact that Bitcoin is anonymous/pseudonymous. What they often forget is that the really cool flipside – strong, pseudonymous proof of identity – is built in.

Tagged: , ,