Understanding Digital Signatures
Ever wondered how the authenticity of transactions are verified on Ethereum? Say hello to Digital Signatures.
One of the key part of the blockchain is cryptographic signatures. They prove ownership of an address without exposing its private key.
They are primarily used for signing transactions but can also be used to sign random messages
Cryptographic Signature
In no long words, Cryptographic Signature deals with some kind of proof of ownership, validity etc. It can be used in:
i) Proving that you have the private key for an address (authentication); this proves the authenticity of a signed message.
ii) Ensuring that a message has not been tampered with.
How does cryptographic signature work
The cryptographic signature is based on some mathematical formular where we take:
1) an input message
2) a private key and
3) a random secret.
All these outputs a number which is then taken to be the signature.
Using another mathematical formular, the above process can be verified without exposing the secret key and the random secret used in generating the signature. This implies that the secret key used in signing the transaction and the random secret remains unknown.
ECDSA
Ethereum uses the Elliptic Curve Digital Signature Algorithm (ECDSA) for the digital signature signing process.
Elliptic Curve Point Manipulation
With the elliptic curve point manipulation, we can derive a value from the private key which can not be reversed. This will enable us create or generate signatures that are safe and tamper proof.
Tampered proof values are derived using a trapdoor function
Trapdoor Function
A function is called a trapdoor function if it is used to easily compute in one direction, but difficult to compute in the opposite direction without a special information known as the trapdoor. Computing in opposite direction here means finding the inverse of the function output.
Using ECDSA on transactions.
Transactions are signed messages that are originated by an Externally Owned Account (EOA) and they are the only things that can trigger change of state or cause a contract to execute in the Ethereum Virtual Machine (EVM).
Transactions are binary messages that contains:
1) Nonce
2) Gas Price
3) Gas Limit
4) Recipient
5) Value
6) Data
7) v,r,s
The ECDSA signatures consist of two numbers(integers): r and s. In Ethereum there is an additional v (which is a recovery identifier) variable. The signature is notated as r,v,s and can most times be reversed as v,r,s.
v,r,s are the three components of an ECDSA digital signature of an originating EOA.
To create a digital signature you need:
(i) a message to sign and
(ii) the private key of an originating EOA to sign the message.
Verifying a message will require:
(i) the original message
(ii) the address of the private key the message was signed with, and
(iii) the signature (v,r,s) itself.
Conclusion:
Digital Signatures is what makes transaction authenticity possible since transactions are the main source of state change on the blockchain. Therefore understanding how it works is highly invaluable in the blockchain ecosystem.
References and Related Articles:
https://medium.com/mycrypto/the-magic-of-digital-signatures-on-ethereum-98fe184dc9c7
https://github.com/ethereumbook/ethereumbook/blob/develop/06transactions.asciidoc
Subscribe to my newsletter
Read articles from Casweeney Ojukwu directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
Casweeney Ojukwu
Casweeney Ojukwu
Blockchain Developer / Software Engineer with demonstrated excellent skills in building dApps & smart contracts for use on the Ethereum Virtual Machine and other compatible networks. I build with Solidity | React | JavaScript | Laravel | PHP