Jump to content
Sign in to follow this  
Debasish

Do verification for a ripple address

Recommended Posts

Hi ,

Can any one help me do custody verification for a ripple account .to validate if a account really belongs to the owners ?

 

Share this post


Link to post
Share on other sites
17 hours ago, Debasish said:

Hi ,

Can any one help me do custody verification for a ripple account .to validate if a account really belongs to the owners ?

 


After reflection my idea is no good.  It was:

If you or they are not confident doing the command line encryption that @Sukrim suggests then another option is to have them send a micro amount somewhere.  Specify the amount to be a specific decimal.  If that exact decimal is then sent it implies that they can access the account.

Then I realise:

It doesn’t prove it however because they could just be the middlemen instructing a duped real owner.

Sorry.  Maybe my idea triggers someone’s better one...

Share this post


Link to post
Share on other sites
On 2/8/2020 at 1:43 AM, Tinyaccount said:

Then I realise:

It doesn’t prove it however because they could just be the middlemen instructing a duped real owner.

I think the same logic can be applied to Sukrim's solution. I think it would be impossible to prove...

Share this post


Link to post
Share on other sites
28 minutes ago, Hero_Member said:

I think the same logic can be applied to Sukrim's solution. I think it would be impossible to prove...

Short of perhaps watching them do the transaction or the encryption in person.  That’s fairly definitive.  Again...  not impossible to magic as a middleman,  but fairly definitive.  It’s a very obscure situation where there is a bad faith middleman duping both ends.

For most practical purposes I think a pre-arranged decimal transaction is probably good enough.

Share this post


Link to post
Share on other sites
6 hours ago, Tinyaccount said:

Short of perhaps watching them do the transaction or the encryption in person.  That’s fairly definitive.  

That's pretty definitive, but its also pretty stupid to have someone watch you signing a transaction with your secret key :)

Share this post


Link to post
Share on other sites
12 hours ago, Hero_Member said:

I think the same logic can be applied to Sukrim's solution. I think it would be impossible to prove...

Depends on the statement that should be signed. If it is just a string of random characters, that's a bit different than "I control the following XRPL account on $DATE, this statement is to prove this ownership to X on website Y". Sure, there might be enough ways to get people to sign such a statement, but it is a bit more clear than just some random transaction (I'd personally attach an encrypted/specified memo, not a certain amount).

Share this post


Link to post
Share on other sites

Thank you @Sukrim @Tinyaccount @Hero_Member for your suggestions but just to reiterate on my requirement.

@Sukrim To do custody verification for a xrp address i am aware of the above approached discussed like 

1. asking the xrp address owner to send some funds to other xrp address/account

2. asking xrp address owner to sign a random message with private key

but i need to custody verify the xrp address using the combination of public key + signed message + message - is this possible by any means

 

image.thumb.png.5bffdb279fb23ed822f6401ca091880e.png

image.thumb.png.ab835bbae7711e4a0a69119ea957a70f.png

Share this post


Link to post
Share on other sites
8 minutes ago, Debasish said:

i need to custody verify the xrp address using the combination of public key + signed message + message - is this possible by any means

If you have a message, a signature and a public key, you can verify that the message was signed by the private key belonging to that public key, yes. This is a standard operation in most cryptographic libraries when dealing with signatures, so you should find example code easily.

Share this post


Link to post
Share on other sites
On 2/13/2020 at 1:50 PM, Sukrim said:

If you have a message, a signature and a public key, you can verify that the message was signed by the private key belonging to that public key, yes. This is a standard operation in most cryptographic libraries when dealing with signatures, so you should find example code easily.

@SukrimI got library ripple-keypairs . Is it a good one to go ahead with that.

https://npm.runkit.com/ripple-keypairs

Edited by Debasish

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...