Introduction to Message Signing with EOAs
Externally Owned Accounts (EOAs) enable users to perform more than just transactions and smart contract interactions. One powerful feature is the ability to sign messages, which serves as cryptographic proof of address ownership. This process requires access to the EOA's private key, making it a secure method for:
- Verifying address ownership
- Authenticating contract administrators (Etherscan contract verification)
- Establishing trust in anonymous communications
When signing a message, the system generates a unique signature hash—a distinctive character string similar to (but longer than) a transaction hash. This digital fingerprint ensures the message's authenticity and integrity.
👉 Learn more about Ethereum security practices
Etherscan's Enhanced Verified Signatures Tool
We've upgraded our Verified Signatures Tool with:
- A streamlined user interface
- Direct in-browser message signing capability
- Optional message publishing functionality
How to Sign Messages on Etherscan
Connect Your Wallet
- Click "Sign Message"
- Choose between MetaMask or WalletConnect
- Authenticate your EOA
Compose Your Message
- Enter your desired message content
- Click "Sign Message" to generate the signature hash
Optional Publishing
- Published messages receive a permanent Etherscan URL
- ⚠️ Warning: All published messages become publicly accessible
- Recommended for non-sensitive communications only
Message Verification Process
Verification confirms whether a message was genuinely signed by the claimed address. Common use cases include:
- NFT ownership confirmation
- Smart contract administrator validation
- Identity authentication in decentralized systems
Step-by-Step Verification
- Select "Verify Signature" on the Verified Signatures page
- Complete these required fields:
| Field | Description | Important Notes |
|---|---|---|
| Address | Signer's Ethereum address | Case-sensitive |
| Message | Exact signed content | Must match character-for-character |
| Signature Hash | The "sig" value | Add "0x" prefix if missing |
Choose verification options:
- Verify only
- Verify and publish (with same privacy considerations)
Published Message Management
To remove accidentally published messages:
Sign this exact message format:
[Etherscan.io dd/mm/yyyy hh:mm:ss] I, hereby request that the Verified Signature #[ID] be removed from Etherscan.io- Submit the signed request via Etherscan's Contact Us page
👉 Explore advanced Ethereum tools
FAQs
Q: Is message signing the same as making a transaction?
A: No. Signing consumes no gas and doesn't broadcast to the network—it only creates cryptographic proof.
Q: Can I verify messages signed with hardware wallets?
A: Yes, our tool supports all standard Ethereum signing methods including Ledger and Trezor.
Q: How long do published messages remain available?
A: Published messages persist indefinitely unless manually unpublished.
Q: What's the difference between 'msg' and 'sig' fields?
A: 'msg' contains the original content, while 'sig' is the cryptographic proof of its authenticity.
Q: Can smart contracts sign messages?
A: No, only EOAs (user-controlled addresses) can sign messages. Contracts can verify signatures but not create them.