Message signing
Direct answer: Use CKBunker for policy-controlled COLDCARD text message signing under explicit derivation-path restrictions.
CKBunker can request COLDCARD message signatures when the HSM policy permits it. This is separate from transaction signing: the policy should explicitly allow the derivation paths that may sign text messages.
How it works
A remote operator enters a short message, selects the allowed derivation path/address type, and asks the COLDCARD to sign. CKBunker returns a standard base64 signature and displays the related address or public-key information.
Privacy caveat
Sharing a message signature can reveal more than a payment address. It may expose a public key or connect an address/path to a public identity. Treat message-signing permissions as a scoped policy capability, not as a harmless utility.
Policy guidance
- Enable message signing only when you have a concrete operational need.
- Restrict signing to specific derivation paths.
- Keep message-signing users separate from transaction-spending users when possible.