A simple and flexible method to sign arbitrary OP_RETURN data with Bitcoin ECDSA signatures.

Authors: Attila Aros, Satchmo
Special thanks to Monkeylord and Unwriter for feedback and ideas.

Note: Use the bitcoinfiles-sdk to build, sign, and verify document signatures.

Inspired by techniques described by Monkeylord at
Built on top and leveraging Bitcoin Data Protocol by Unwriter at

The design goals:

  • A simple protocol to sign arbitrary OP_RETURN data in a single transaction
  • Decouple the signing with an address from the funding source address (ie: does not require any on-chain transactions from the signing identity address)
  • Allow multiple signatures to be layered on top to provide multi-party contracts.

Use Cases

  • Prove ownership and authoring of any file
  • Add multiple signatures to form agreements and contracts
  • Decouple identity from funding addresses

The last point of being able to decouple identity from the funding source addresses means that we can now upload files and content and not have to expose our identity with an on-chain payment transaction.

An example is being able to upload a blog post and using Money Button to pay for the mining fees, yet never exposing your Identity key with an on-chain payment.