# Verify Bitcoin message signatures

Signature verification depends on the type of address the message was signed with

### Ordinals Address `P2TR`

Message signing for P2TR addresses conform to the BIP-322 standard. The following options are available to verify the message signature. 

* Calling the `verifymessage` RPC command on a Bitcoin node built from the source of the unreleased BIP-322 feature branch. Reference: <https://developer.bitcoin.org/reference/rpc/verifymessage.html> <https://github.com/bitcoin/bitcoin/pull/24058>
* Use the NPM package BIP322-js <https://www.npmjs.com/package/bip322-js>

:information\_source: Note that due to the experimental nature of BIP-322 none of the above options are officially endorsed or audited. Use at your own risk.

### Payment Address `P2SH(P2WPKH)`

Messages from the payment address are signed with an ECDSA signature, conforming to the standard described here: <https://en.bitcoin.it/wiki/Message_signing>

You can decode the signed message and use a cryptographic library to verify the signature.

Using `bitcoinjs-message` can also be a convenient option if you're working within a JavaScript or Node.js environment. It abstracts away the lower-level details of ECDSA verification and the Bitcoin message signing standard, allowing you to verify signed messages with minimal code:

#### Step 1: Install bitcoinjs-message

First, you need to install the `bitcoinjs-message` library. If you're using npm, you can install it by running:

```bash
npm install bitcoinjs-message
```

#### Step 2: Verify the Message

Once installed, you can use the library to verify a message with just a few lines of code. Here's a simple example:

```javascript
const bitcoinMessage = require('bitcoinjs-message');

// The message that was signed
const message = "This is a test message";

// The signature in base64 format
const signature = "H8yAIxMVQfVcY4J//yA8hI3Fy2kL...base64signature...";

// The Bitcoin address of the signer
const address = "1ExampleOnlyDoNotSendToThisAddressDoNotTryToDecodeIt";

// Verify the message
const isValid = bitcoinMessage.verify(message, address, signature);

console.log("Is the signature valid?", isValid);
```

:information\_source: Note that none of the above options are officially endorsed or audited. Use at your own risk.