Trezor or Electrum: A Pitfall in Manual Signing

With the implementation of the Financial Action Task Force’s (FATF’s) Travel Rule and the European Union’s Transfer of Funds Regulation (TFR), self-hosted wallet verification - proof of address ownership - is a must in certain instances. Virtual asset service providers (VASPs) and self-hosted wallet owners have 4 options to prove address ownership: Address Ownership Proof Protocol (AOPP), the Satoshi Test, the visual proof method and the manual signing method. 

Each method has its pros and cons; however, manual signing has presented an additional signing issue: Trezor and Electrum sign differently.

Below we will clarify the following:

• what manual signing is 

• how a Trezor wallet signs a message 

• why the differences in signatures pose a problem to wallet users and VASPs

• a possible solution 

What Is the Manual Signing Method? 

Manual signing is a secure method for wallet owners to demonstrate ownership of their self-hosted wallets to VASPs. By utilising digital signatures, this approach leverages the fundamental technical features of any wallet. Manual signing offers enhanced security compared to alternatives such as visual proof.

Read: Manual Signing Method Explained

How Can You Sign a Message with Trezor? 

To manually sign a message using a Trezor hardware wallet, wallet users must click on the Sign & Verify option within the software. After that, complete the data fields; message, address, format, click sign, and a signature will be generated, which needs to be copied and sent to the VASP that the wallet owner wishes to use for the transfer. The Trezor signing process is incredibly user-friendly. The issue at hand is not the software, but the fact that the user can choose the signature format. 

The format choice, Trezor is the standard signature format according to BIP137, whereas Electrum is a compatibility signature format. The pitfall is that the signatures differ, ever so slightly, as seen in the copied signatures below.  

Trezor:

-----BEGIN BITCOIN SIGNED MESSAGE-----

This account belongs to Olivia Smith

-----BEGIN SIGNATURE-----

bc1qu09630xn9973tz6fmw5z5jg45je5fhdt9h1234KCuJA0bpkxfOI+K3FVov0h/HxaKGHAzVrGgi/pMi5vz6OQbo2kN/3lOsaH7Voe2ihxfbZ5vCD6b5/NcQnGNLCig=

-----END BITCOIN SIGNED MESSAGE-----

Electrum: 

-----BEGIN BITCOIN SIGNED MESSAGE-----

This account belongs to Olivia Smith 

-----BEGIN SIGNATURE-----

bc1qu09630xn9973tz6fmw5z5jg45je5fhdt9h1234ICuJA0bpkxfOI+K3FVov0h/HxaKGHAzVrGgi/pMi5vz6OQbo2kN/3lOsaH7Voe2ihxfbZ5vCD6b5/NcQnGNLCig=

-----END BITCOIN SIGNED MESSAGE-----

The difference between the signatures is so minor that many humans struggle to spot it. Look closely at the first letter after the wallet address; you will notice that in the case of Trezor, the first letter is a K, whereas, with Electrum, it is an I.  

The Problems Wallet Users and VASPs Encounter

After signing the message, the wallet owner will copy the signature generated by Trezor and send it to the VASP. This is where the problems start. Unless the wallet owner correctly guesses which software the VASP is using to verify signatures or the VASP advises the user on their software choice prior to them signing, there is a big chance that the signatures will not match. 

The obvious issue is that because the signatures do not match, address ownership cannot be ascertained. Therefore the virtual asset transfer cannot go forward as it does not adhere to the Travel Rule standards. Additionally, most Travel Rule solutions do not provide the appropriate error message. From the VASP’s perspective, it appears as if the wallet owner did not sign the message correctly. 

The VASP will usually ask the wallet owner to repeat the signing activity, but will achieve the same result - an error. Eventually, the user will get frustrated by the poor user experience and seek an alternative solution, which could result in a loss of business for the VASP. 

Address Ownership Proof Protocol (AOPP) as a Solution 

Address Ownership Proof Protocol (AOPP) is an automated solution that proves wallet ownership through digital signatures. AOPP is similar to the manual signing method, offering the same pros, but in addition, it is fully automated for both the wallet owner and the VASP. 

When using AOPP, a VASP can furnish their customers with a direct link (or a QR code for mobile users) that promptly transmits an ownership verification message to their chosen self-hosted wallet. Subsequently, the user can conveniently access their wallet and authorise the message, which will be automatically sent back to the VASP, promptly establishing ownership and facilitating the withdrawal process accordingly.

AOPP solves the manual signing issue as it has a specification that only generates one version of a signature. Meaning the Travel Rule software will always recognise the signature that it receives; another upside is that this happens behind the scenes instantaneously. Neither the VASP, nor the waller owner has to do anything besides the “normal” signing process. 

With AOPP, there is no copying and pasting of addresses, and no confusing format options are presented to the wallet owner, resulting in a better user experience. Moreover, it cannot be forged, and it isn’t a lot of work - it is a single-click experience, fully compliant with the Travel Rule and the EU’s General Data Protection Regulation (GDPR).

Curious to find out more about AOPP?