
How does Keybase verify the ownership of the PGP keys? #3735

Open
gh67uyyghj opened this issue Dec 5, 2019 · 5 comments

Comments

@gh67uyyghj

I am new to keybase and I found the client codebase pretty huge to get the answer to my question, but how does keybase verify that the client-generated PGP keys are actually owned by the client? Does the server send some challenge encrypted by the claimed public key and wait for the unencrypted version, or what exactly?

@Brianetta

`keybase pgp select`

It actually runs GnuPG to sign a proof onto your sigchain.

It can, at the same time, import the secret key if desired, locally, for use with just that one device.

`keybase pgp import`

If you're using some other implementation of PGP, then Keybase can read the secret key file and generate the signatures itself. The secret key will be imported locally, but can be dropped later with `keybase pgp purge`.

@gh67uyyghj
Author

@Brianetta Thank you so much for the quick answer. So the idea is to self-sign the public key with its private key and push the signature to the server, and the server then verifies the signature with the public key, am I right? Is there a detailed example of this in some docs, or the piece of code in the Go client repo which does this? I'd be totally grateful, since I am barely exploring how keybase works.

@Brianetta

Like any proof, the signed statement ends up appended to your sigchain. I've no idea what the server does, but the onus is on the client to verify all proofs. So, some other Keybase user wanting your PGP pubkey will be able to get it from your sigchain, and at the same time verify a message signed by that key and your Keybase key.

I have several PGP keys. Here's my most recent proof of one:
https://keybase.io/brianetta/sigchain#6f1e2a37335df0ca349bf42edf46fcacc800dcb2884e36d8c0a09614d27536b60f
You can see there's a JSON payload, signed by one of my devices. Embedded in that payload is a PGP signed message. Using those two signatures, you can be certain that the PGP key is controlled by me.
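The two-signature structure described in the comment above, as an added model written for this thread (it is not Keybase's code and not the real sigchain format): an inner statement signed by the PGP key itself, wrapped in an outer payload signed by the device key, with a verifier that checks both before accepting the PGP key as the user's. Assumed simplifications: both keys are Ed25519, the embedded PGP-signed message is modelled as an Ed25519 signature over JSON, the fingerprint is SHA-256 of the raw public key, and the function names (`MakeLink`, `MakeLinkSignedBy`, `VerifyLink`) and the username `alice` are invented here. `MakeLinkSignedBy` with an unrelated signing key shows what a link that merely names a PGP key looks like, and why the verifier rejects it: the inner signature cannot be produced without the PGP private key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Constructed model of a two-signature PGP proof, NOT Keybase's real sigchain format.
// Assumptions: the "PGP key" and the device key are both Ed25519 keys, the embedded
// PGP-signed message is an Ed25519 signature over JSON, fingerprint = SHA-256(pubkey).

type (
	// Inner statement: what the PGP key signs, binding the key to the account.
	PGPStatement struct {
		Username    string `json:"username"`
		Fingerprint string `json:"fingerprint"`
	}
	// The embedded "PGP-signed message": statement, claimed key, signature.
	PGPProof struct {
		Statement PGPStatement `json:"statement"`
		PublicKey []byte       `json:"public_key"`
		Signature []byte       `json:"signature"`
	}
	// Outer payload, signed by the device key before it joins the sigchain.
	Payload struct {
		Seqno    int      `json:"seqno"`
		PGPProof PGPProof `json:"pgp_proof"`
	}
	// One sigchain link as a verifier fetches it.
	Link struct {
		Payload   []byte `json:"payload"`    // JSON encoding of Payload
		DeviceSig []byte `json:"device_sig"` // device-key signature over Payload
	}
)

func fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// MakeLinkSignedBy names claimedPub in the inner statement and signs that statement with
// innerSigner: the matching private key gives a genuine proof, anything else a bare claim.
func MakeLinkSignedBy(username string, seqno int, claimedPub ed25519.PublicKey, innerSigner, devPriv ed25519.PrivateKey) Link {
	stmt := PGPStatement{Username: username, Fingerprint: fingerprint(claimedPub)}
	stmtBytes, _ := json.Marshal(stmt) // a struct of strings always encodes
	proof := PGPProof{Statement: stmt, PublicKey: claimedPub, Signature: ed25519.Sign(innerSigner, stmtBytes)}
	payloadBytes, _ := json.Marshal(Payload{Seqno: seqno, PGPProof: proof})
	return Link{Payload: payloadBytes, DeviceSig: ed25519.Sign(devPriv, payloadBytes)}
}

// MakeLink is the honest prover: it needs BOTH private keys, which is exactly what
// makes the inner signature a proof of possession of the PGP key.
func MakeLink(username string, seqno int, pgpPriv, devPriv ed25519.PrivateKey) Link {
	return MakeLinkSignedBy(username, seqno, pgpPriv.Public().(ed25519.PublicKey), pgpPriv, devPriv)
}

// VerifyLink is the client side: knowing only the username and a device public key already
// trusted from earlier in the chain, it checks both signatures and returns the proven PGP key.
func VerifyLink(link Link, username string, devPub ed25519.PublicKey) (ed25519.PublicKey, error) {
	// 1. Outer signature: the user's own device vouches for the whole payload.
	if !ed25519.Verify(devPub, link.Payload, link.DeviceSig) {
		return nil, errors.New("device signature invalid")
	}
	var payload Payload
	if err := json.Unmarshal(link.Payload, &payload); err != nil {
		return nil, err
	}
	// 2. Inner signature: the claimed key itself must have signed the binding.
	p := payload.PGPProof
	if len(p.PublicKey) != ed25519.PublicKeySize { // ed25519.Verify panics otherwise
		return nil, errors.New("malformed PGP public key")
	}
	pgpPub := ed25519.PublicKey(p.PublicKey)
	if p.Statement.Username != username || p.Statement.Fingerprint != fingerprint(pgpPub) {
		return nil, errors.New("inner statement does not bind this key to this user")
	}
	stmtBytes, _ := json.Marshal(p.Statement)
	if !ed25519.Verify(pgpPub, stmtBytes, p.Signature) {
		return nil, errors.New("PGP signature invalid: possession of the key is not proven")
	}
	return pgpPub, nil
}

func main() {
	pgpPub, pgpPriv, _ := ed25519.GenerateKey(rand.Reader)
	devPub, devPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, throwaway, _ := ed25519.GenerateKey(rand.Reader)
	got, err := VerifyLink(MakeLink("alice", 7, pgpPriv, devPriv), "alice", devPub)
	fmt.Println("genuine proof accepted:", err == nil && got.Equal(pgpPub))
	_, err = VerifyLink(MakeLinkSignedBy("alice", 8, pgpPub, throwaway, devPriv), "alice", devPub)
	fmt.Println("claim without the PGP private key:", err)
}
```

The point of the split is that the verifier never needs the server: the device public key is already established by earlier links, the inner signature can only exist if the prover held the PGP private key, and the fingerprint and username checks stop a valid signature from being replayed for a different key or account.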

@gh67uyyghj
Author

gh67uyyghj commented Dec 18, 2019

@Brianetta thanks! But my question is really about how I or the server can verify that YOU really own that PGP key. You only signed with your device secret key that you have that public key, but you didn't prove that this public key is owned by you, if I am getting the sigchain correctly. I mean at least the server needs to check the self-signing of the PGP public key to verify that you really own it. Right?

@Brianetta

Brianetta commented Dec 19, 2019 via email
