Board Beginners & Help
Merits 1 from 1 user
Re: How to verify SegWit signature with Brainwallet ?
by pooya87 on 08/11/2019, 13:34:51 UTC
⭐ Merited by hugeblack (1)
that does NOT save you any steps, you still have to perform the workaround steps to get the workaround address as was explained and check if it is correct otherwise all you are doing is deriving a public key and NOT verifying anything whatsoever.
You're right, so the "shortcut" cannot be used by other users who are verifying the message.
Honestly, I'm focused on fetching the legacy address (for the signer) and that method will work if he didn't mess up the copy->paste of his original signed message, 'coz what are the odds that he'll accidentally change his own message?

Quote from: pooya87
here is the same exact signature with a different message which that site verifies!
I see, so those extra spaces and lines that are usually added/missed can change the result.

it is a bug in that tool's code! in fact if you remove the address there is a pretty good chance that the tool returns an invalid address for you since it is possible to derive more than 1 public key from an ECDSA signature.
basically:
Code:
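// pseudocode: recover the candidate public keys from an ECDSA signature (r, s)
byte[] message = UTF8.Encode("_message_here_")
int256 e = SHA256(SHA256(message)).ConvertToInt256()
for(j=0 to 1)
   int256 x = r + (j*N)                    // candidate x coordinate of R
   int256 y = ModularSQRT(x^3 + a*x + b)   // square root modulo the field prime
   point R = (x, y)
   for(k=1 to 2)
      point temp = r^-1(sR - eG)           // r^-1 is the inverse of r modulo N
      if (temp is on curve)
          AddToPossibleResults
      R = -R                               // second pass uses the other y for the same x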
when you remove the address, all you have is r, s and e. with them you can recover up to 4 possible public keys. but there is no address to compare it with.
when you change your "message" you are changing the hash so "e" changes and from that you get an entirely different public key hence the different address.

this is also why it is dangerous to trust tools like this! they have weird features like this in them.
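
The recovery loop from the pseudocode above, written out for secp256k1 as an added Python example that is not part of the original post or of any tool it mentions. It uses the post's plain double SHA-256 (Bitcoin's signed-message prefix is left out), and `D` and `K` are constructed sample values.

```python
import hashlib

# secp256k1: y^2 = x^3 + 7 over F_P, base point G of order N
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
D, K = 0x1D2C3B4A, 0x5EED1234  # constructed private key and nonce (sample values)

def add(p, q):
    """Affine point addition; None is the point at infinity."""
    if p is None: return q
    if q is None: return p
    if p[0] == q[0] and (p[1] + q[1]) % P == 0: return None
    if p == q:
        m = 3 * p[0] * p[0] * pow(2 * p[1], -1, P)
    else:
        m = (q[1] - p[1]) * pow((q[0] - p[0]) % P, -1, P)
    x = (m * m - p[0] - q[0]) % P
    return (x, (m * (p[0] - x) - p[1]) % P)

def mul(k, p):
    """Double-and-add scalar multiplication (not constant time, demo only)."""
    r = None
    while k:
        if k & 1: r = add(r, p)
        p, k = add(p, p), k >> 1
    return r

def msg_hash(message):
    """Double SHA-256 of the raw message bytes, as in the post's pseudocode."""
    return int.from_bytes(hashlib.sha256(hashlib.sha256(message).digest()).digest(), "big")

def sign(d, k, message):  # textbook ECDSA with a caller-supplied nonce (demo only)
    r = mul(k, G)[0] % N
    return r, pow(k, -1, N) * (msg_hash(message) + r * d) % N

def recover(r, s, message):
    """Return every candidate public key r^-1(sR - eG) for this (r, s, message)."""
    e, found = msg_hash(message), []
    for j in (0, 1):
        x = r + j * N
        if x >= P: continue                    # not a valid field element
        y = pow(x**3 + 7, (P + 1) // 4, P)     # square root, valid since P % 4 == 3
        if (y * y - x**3 - 7) % P: continue    # no curve point has this x
        for R in ((x, y), (x, P - y)):
            q = mul(pow(r, -1, N), add(mul(s, R), mul(N - e % N, G)))
            if q is not None: found.append(q)
    return found
```

`recover(r, s, message)` returns a list of candidate keys for any message, so a signature only counts as verified when one of those candidates matches a public key or address obtained independently of the signature.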