hips/hip-0304.md

# HIP304 - z\_signmessage + z\_verifymessage

```
  HIP: 304
  Title: Signing and verifying messages from Sapling addresses
  Author: Duke Leto
  Category: Standards
  Created: 2020-02-02
  License: GPLv3
```

# Terminology

The key words "MUST", "MUST NOT", and "MAY" in this document are to be interpreted as described in RFC 2119.
[#RFC2119]

# Abstract

This is an xxx HIP describing signed Sapling messages.

# Motivation

TLDR: Extend the `signmessage` and `verifymessage` RPCs to Sapling shielded addresses.
Many people, including the author, have created Github issues asking for the ability to
sign messages with zaddrs. Originally, it was not possible with Sprout addresses but 
now Sapling zaddrs have the internal machinery to support this use case.

# Specification

This document specifies two new RPCs

    z_signmessage
    z_verifymessage

which are direct shielded counterparts to the original Bitcoin RPCs:

    signmessage
    verifymessage

This specification is directly influenced by various Zcash Github issues and ZIP304
such as https://github.com/zcash/zcash/issues/3159 and https://github.com/zcash/zcash/issues/1770
and the algorithm designed by Daira and other Zcash developers. We simply took the publicly
defined algorithm and decided to actually implement it and decide any implementation details that
would be needed along the way.

## Internal Design

One option would be to write a custom zk-SNARK "circuit" to support signing via a zaddr. This would
be a large amount of work and was dismissed, reasonably, as not viable by Zcash developers.


# References

.. [#RFC2119] `Key words for use in RFCs to Indicate Requirement Levels <https://tools.ietf.org/html/rfc2119>`_
.. [#BIP32] `Hierarchical Deterministic Wallets <https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki>`_
Add a stub for HIP304 4 years ago			`# HIP304 - z\_signmessage + z\_verifymessage`

add more to hip 304 4 years ago			```
			`HIP: 304`
			`Title: Signing and verifying messages from Sapling addresses`
			`Author: Duke Leto`
			`Category: Standards`
			`Created: 2020-02-02`
			`License: GPLv3`
			```

			`# Terminology`

			`The key words "MUST", "MUST NOT", and "MAY" in this document are to be interpreted as described in RFC 2119.`
			`[#RFC2119]`

			`# Abstract`

			`This is an xxx HIP describing signed Sapling messages.`

			`# Motivation`

Add a stub for HIP304 4 years ago			TLDR: Extend the `signmessage` and `verifymessage` RPCs to Sapling shielded addresses.
Add mo beef 4 years ago			`Many people, including the author, have created Github issues asking for the ability to`
			`sign messages with zaddrs. Originally, it was not possible with Sprout addresses but`
			`now Sapling zaddrs have the internal machinery to support this use case.`
add more to hip 304 4 years ago
			`# Specification`

Add some beef 4 years ago			`This document specifies two new RPCs`

			`z_signmessage`
			`z_verifymessage`

			`which are direct shielded counterparts to the original Bitcoin RPCs:`

			`signmessage`
			`verifymessage`

Add mo beef 4 years ago			`This specification is directly influenced by various Zcash Github issues and ZIP304`
			`such as https://github.com/zcash/zcash/issues/3159 and https://github.com/zcash/zcash/issues/1770`
			`and the algorithm designed by Daira and other Zcash developers. We simply took the publicly`
			`defined algorithm and decided to actually implement it and decide any implementation details that`
			`would be needed along the way.`

			`## Internal Design`

			`One option would be to write a custom zk-SNARK "circuit" to support signing via a zaddr. This would`
			`be a large amount of work and was dismissed, reasonably, as not viable by Zcash developers.`

Add some beef 4 years ago
add more to hip 304 4 years ago			`# References`

			.. [#RFC2119] `Key words for use in RFCs to Indicate Requirement Levels <https://tools.ietf.org/html/rfc2119>`_
			.. [#BIP32] `Hierarchical Deterministic Wallets <https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki>`_