All Guides
Understanding BIP-137: Bitcoin Message Signing
How to prove control of a Bitcoin address without moving funds.
What is BIP-137?
BIP-137 is a Bitcoin Improvement Proposal that defines a standard format for signing messages with Bitcoin private keys.
The core idea is simple. If you control the private key for an address, you can sign any arbitrary message. Anyone can then verify that signature using only the message, signature, and address. No transaction required. No coins move.
This provides cryptographic proof of ownership. The same mathematics that secures Bitcoin transactions can prove you control an address without revealing your private key.
How it works
The process uses ECDSA (Elliptic Curve Digital Signature Algorithm), the same cryptography that signs Bitcoin transactions.
1
A message is chosen (any text string)
2
The wallet prefixes the message with "Bitcoin Signed Message:\n"
3
The prefixed message is double-SHA256 hashed
4
The hash is signed with the private key
5
The signature is base64-encoded for easy sharing
The "Bitcoin Signed Message" prefix is important. It prevents signed messages from being misused as valid transaction signatures. Without this prefix, a malicious verifier could trick you into signing a transaction.
The signature format
A BIP-137 signature is 65 bytes, encoded as base64. The first byte is a header that indicates which address type and key recovery method to use.
Header byte ranges:
27-30: P2PKH uncompressed (1... addresses)
31-34: P2PKH compressed (1... addresses)
35-38: P2SH-P2WPKH (3... addresses)
39-42: P2WPKH native SegWit (bc1q... addresses)The header byte allows the verifier to recover the public key from the signature itself. This is why BIP-137 verification only needs three inputs: message, signature, and address.
Note that Taproot addresses (bc1p...) use a different signing scheme called BIP-322, which extends the message signing concept but uses Schnorr signatures instead of ECDSA.
Wallet support
Most Bitcoin wallets implement BIP-137 message signing. The feature is typically found in the settings or tools menu.
Hardware wallets
Ledger (via Ledger Live or Electrum)
Trezor (via Trezor Suite or Electrum)
Coldcard (via SD card or Electrum)
Software wallets
Electrum (Tools → Sign/verify message)
Sparrow (Tools → Sign message)
BlueWallet (Receive → Sign message)
Bitcoin Core (signmessage RPC)
The signing process is the same across all wallets. You provide the message to sign, select the address, and the wallet returns the base64-encoded signature.
Practical applications
Message signing has several practical uses beyond simple proof of ownership.
Proof of funds for lending
Lenders can verify borrowers control claimed Bitcoin collateral without requiring on-chain transactions.
Audit and compliance
Organizations can prove control of reserves to auditors without moving funds or revealing full balance.
Identity verification
Proving you are the same entity that received a payment or published an address.
Timestamped attestations
Signing a message that includes a date or block height proves you controlled the address at that time.
The key property is that verification is trustless. Anyone can verify the signature using only public information. No need to trust the signer or any third party.
Need to verify Bitcoin ownership for your business?
Get Started Free