We request comments on a new draft TZIP concerning process and interface standards for signing messages off-chain with Tezos keys.
This proposed standard documents a “temporary message signing” convention already in use in some Tezos applications.
See a rendered view of the draft proposal as of 2022/05/06. [edit: obsolete, see below]
One suggestion (by @codecrafting) is to also define a format for bundling everything needed to verify the signature for a message, something like this:
-----BEGIN TEZOS SIGNED MESSAGE-----
-----END TEZOS SIGNED MESSAGE-----
Where %message, %publicKey, and %signature are placeholders for the obvious particular values.
This is similar to a convention used in Bitcoin.
I have updated this draft TZIP to correct the specification of which character codes are allowed in the string values (only 7-bit ASCII, not UTF-8), and to add the message/signature text interchange format mentioned in the prior comment.
See the new rendered draft as of 2022/05/14.
The TZIP draft no longer refers to current implementations by name.
See version 6 of the draft.
tzSig is a simple web app demonstrating use of this proposed standard.