A Byte of Blockchain - Week 45
Digital Signature

A Byte of Blockchain - Week 45 Digital Signature

·

4 min read

Recap

Last week we explored transactions by starting with the definition of a general transaction & how these are recorded for legal & accounting purpose. We then explored transactions in Ethereum & how these are recorded on the Ethereum platform.

We also explored transaction data fields in a real-world transaction. In the context of Ethereum,

Transactions are signed messages :

a. originated by an Externally Owned Account

b. transmitted over the Ethereum network &

c. Recorded on the Ethereum Blockchain

We then explained change of "state" caused by a transaction & started with the below fields:

a. Nonce

b. Gas Price &

c. Gas Limit

Let us explore some more fields in a transaction starting with Digital Signature.

Digital Signature

kelly-sikkema-61BQ1JhTKik-unsplash.jpg

Photo by Kelly Sikkema on Unsplash

Recap on Digital Signature

It is through Digital signature that a wallet owner interacts with their cryptocurrency in the Blockchain. How is that?

  1. The keys proving ownership of the cryptocurrency is in the wallet.

  2. Mostly wallets are not connected to a Blockchain other than when a transaction is conducted. (In line with best practice).

  3. When a transaction is conducted, the private keys plus a transaction imprint is combined to get a digital signature

Digital Signature.jpg

Why do we need digital signature?

Unlike traditional online banking platforms, when we transfer funds on a Blockchain platform (say, Ethereum), there is no Bank or centralized organization to ensure security or any type of transaction validity & accuracy. To answer the question on why we need digital signature, we need to consider the below three points :

  1. How will we know if the person transferring the funds is actually the owner of that funds?

  2. Can the owner repudiate the transaction later?

  3. Can anyone modify the transaction later?

    In an online banking application, there are security measures in place to ensure confirmation of the above :

  4. How will we know if the person transferring the funds is actually the owner of that funds? - Login to the application using username & password

  5. Can the owner repudiate the transaction later? - Transaction confirmed by user in the application itself by logging in with his/her password

  6. Can anyone modify the transaction later? - Transaction is booked & authorized in the core banking system & cannot be modified later

Let us move over to Ethereum & answer the same questions with the use of signatures.

  1. How will we know if the person transferring the funds is actually the owner of that funds? - Digital Signature proves owner of the private key authorized the transaction

  2. Can the owner repudiate the transaction later? - Due to the private key used in signature linked to the wallet & hence to the owner, owner cannot deny the transaction later (Non-Repudiation)

  3. Can anyone modify the transaction later? - The signature includes transaction imprint & once the block is added & confirmed, cannot be modified or changed later (INTEGRITY)

Now that we know the importance of digital signature in Ethereum, let us understand at a high level how it works :

There are two parts to Digital Signature :

  1. Signature Creation

  2. Verification of the Signature

Signature Creation

We explained above how digital signature is created (using private key + transaction imprint)

Signature Verification

In very simple terms, signature verification is carried out using the transaction & the owner's public key. The public key is available to all. For example - Assume A has initiated a transaction with his/her private key & B wants to verify that transaction. B has the public key of A with the transaction details. Since A's public key can be generated only from A's private key, it can be confirmed that A has initiated that transaction. In other words,

As the public key is generated from its linked private key, it means that the transaction verified with that public key was generated from the corresponding private key.

The below visualization makes it more clear :

Signature.jpg

We will explore Data & Value next week