PrivateKey wallet storage

Question

Hi there, and thanks in advance.

This is a two part question.

I begin to use importAddress with generateKeyPairs instead of importPrivKey because I didn't want to store private keys on the server in case of hacks, shutdowns etc. But then I realized that I was using signMessage API.

a) Is there any way to use signmessages trough API without having user's private key inside node wallet?

b) Is there any way to protect users private keys if I have to keep them on node's wallet?

Because there are a lot of functionalities that depends on node wallet using users privkeys and I want to keep that without have to worry about hacks or system failures.

Thanks.

Mdev

Answer 1

a) I'm afraid it's not currently possible to do this in MultiChain. Bitcoin Core has added an API signmessagewithprivkey that we may adopt in a future version of MultiChain, or we might just allow a private key to be passed to signmessage instead of an address. For now you'll have to use an external bitcoin-compatible library to do the signing.

b) For protecting private keys stored in the node, take a look at encryptwallet and walletpassphrase APIs.

Answer 2

Beta 2, just released, allows an external private key to be passed to signmessage in place of an address.