PGP ⇄ ETHCross-attestation
Cross-attestation
Two signatures, one in each direction, binding my OpenPGP key and my Ethereum account to the same person. Neither is an on-chain transaction — both are offline signatures you can verify yourself.
- OpenPGP key:
B22B 98AB B2D5 0330 7AB6 A316 0718 EFA6 506B B669 - Ethereum account:
0x1C049D25D368bFD50c74df68c919a12aDc48C079
1. GPG → Ethereum
A statement attesting control of the Ethereum account, clearsigned with my OpenPGP signing subkey: statement.txt.asc
# Obtain my key (WKD), then verify the statement
gpg --locate-keys yusuke@haya.company
curl -sO https://yusuke-hayashi.com/proofs/statement.txt.asc
gpg --verify statement.txt.asc2. Ethereum → GPG
A message naming the OpenPGP key fingerprint, signed by the Ethereum account (EIP-191 personal_sign): eth-attestation.json
# Recover the signer address from the signature (Foundry)
curl -s https://yusuke-hayashi.com/proofs/eth-attestation.json | jq -r '.message, .signature'
cast wallet verify --address 0x1C049D25D368bFD50c74df68c919a12aDc48C079 "<message>" "<signature>"Or verify in the browser: the SIWE demo uses the same signature scheme and recovers addresses client-side.
Signed: 2026-07-14