I understand I can sign a message Y to prove I own an address X that produces a hash Z. However is there a way to sign/verify to prove ownership of X without revealing X? This would be for purposes of establishing ownership in documentation now in case of audit later. I imagine in said document you could simply reveal Y & Z but in theory, an attacker could then cycle thru known addresses until one hash matches, so was looking to avoid this. Is the simplest method to just hash the revealed components one more time, withholding one of the inputs?
A simple way to do it is to sign a message and provide only a hash of the message plus signature. Then when you want to prove ownership, provide the message and signature. The hash proves that the message and signature are authentic.
If that is not sufficient, then perhaps it can be done with a "zero-knowledge proof", which can prove something about the contents of a message without revealing the message itself.