Skip to content
Author Identity Protocol - Sign Bitcoin B:// files and OP_RETURN data with Bitcoin ECDSA signatures
Branch: master
Clone or download
Latest commit 4e3d9a8 Apr 2, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information. If Field Indexes are omitted, then it is assumed all fields to the le… Apr 2, 2019


A simple and flexible method to sign arbitrary OP_RETURN data with Bitcoin ECDSA signatures.

Authors: Attila Aros, Satchmo

Special thanks to Monkeylord, Unwriter, and Libitx for feedback and ideas.

Note: Use the bitcoinfiles-sdk to build, sign, and verify document signatures.

Inspired by techniques described by Monkeylord at

Built on top and leveraging Bitcoin Data Protocol by Unwriter at


The design goals:

  1. A simple protocol to sign arbitrary OP_RETURN data in a single transaction
  2. Decouple the signing with an address from the funding source address (ie: does not require any on-chain transactions from the signing identity address)
  3. Allow multiple signatures to be layered on top to provide multi-party contracts.

Use Cases

  • Prove ownership and authoring of any file
  • Add multiple signatures to form agreements and contracts
  • Decouple identity from funding addresses

The last point of being able to decouple identity from the funding source addresses means that we can now upload files and content and not have to expose our identity with an on-chain payment transaction.

An example is being able to upload a blog post and using Money Button to pay for the mining fees, yet never exposing your Identity key with an on-chain payment.


  • The prefix for AUTHOR IDENTITY Protocol is 15PciHG22SNLQJXMoSUaWVi7WSqc7hCfva

Here's an example of what POST transactions look like:

  [Media Type]
  [Signing Algorithm]
  [Signing Address]
  [Field Index 0] // Optional. 0 based index means the OP_RETURN (0x6a) is signed itself
  [Field Index 1] // Optional.
  ...             // If the Field Indexes are omitted, then it's assumed that all fields to the left of the AUTHOR_IDENTITY prefix are signed.

An example with signing B:// Bitcoin Data is shown, however any arbitrary OP_RETURN content can be signed provided that the fields being signed are before the AUTHOR IDENTITY 15PciHG22SNLQJXMoSUaWVi7WSqc7hCfva prefix.

We use the Bitcom convention to use the pipe '|' to indicate the protocol boundary.


  1. Signing Algorithm: ECDSA - This is the default Bitcoin signing algorithm built into bsv.js. UTF-8 encoding.
  2. Signing Address: Bitcoin Address that is used to sign the content. UTF-8 encoding.
  3. Signature: The signature of the signed content with the Signing Address. Base64 encoding.
  4. Field Index : (Optional) The specific index (relative to Field Offset) that is covered by the Signature. Non-negative integer hex encoding. When there are no indexes provided, it is assumed that all fields to the left of the AUTHOR IDENTITY prefix are signed.



  19HxigV4QyBv3tHpQVcUEQyq1pzZVdoAut  // B Prefix
  { "message": "Hello world!" }       // Content
  applciation/json                    // Content Type
  UTF-8                               // Encoding
  0x00                                // File name (empty in this case with 0x00 to indicate null)
  |                                   // Pipe to seperate protocols
  15PciHG22SNLQJXMoSUaWVi7WSqc7hCfva, // AUTHOR IDENTITY prefix
  BITCOIN_ECDSA                       // Signing Algorithm
  1EXhSbGFiEAZCE5eeBvUxT6cBVHhrpPWXz, // Signing Address
  0x1b3ffcb62a3bce00c9b4d2d66196d123803e31fa88d0a276c125f3d2524858f4d16bf05479fb1f988b852fe407f39e680a1d6d954afa0051cc34b9d444ee6cb0af, // Signature
  0,  // OP_RETURN 6a
  1,  // 19HxigV4QyBv3tHpQVcUEQyq1pzZVdoAut
  2,  // { "message": "Hello world!" }
  3,  // applciation/json
  4,  // UTF-8
  5,  // 0x00
  6   // |

In Hex form:

  '0x6a', /// OP_RETURN

In Hex form (by implicitly signing all fields)

  '0x6a', /// OP_RETURN

Transaction Examples

1 signature



2 signatures



File with 1 signature, but using implicit 'sign all' by omitting indexes:



Usage and Library Examples

Create and Sign a File

Build and Sign a File

Build and Sign a File with 2 Signatures (Contract)

Verify Signature for OP_RETURN fields:

Detect and Verify Signatures for OP_RETURN fields:
Broadcast Signed File with Datapay:


BitcoinFiles SDK has support for directly being able to sign B data files. bitcoinfiles-sdk

You can’t perform that action at this time.