Current location - Quotes Website - Personality signature - 3. Digital signature
3. Digital signature
The digital signature algorithm used by Bitcoin is elliptic curve digital signature algorithm or ECDSA. ECDSA is a digital signature algorithm based on elliptic curve private key/public key pair, as described in elliptic curve chapter [elliptic_curve]. ECDSA is used for script functions OP_CHECKSIG, OP_CHECKSIGVERIFY, OP_CHECKMULTISIG and OP_CHECKMULTISIGVERIFY. Whenever you see this in the lock script, the unlock script must contain the ECDSA signature.

Digital signatures have three uses in Bitcoin:

First, the signature proves that the owner of the private key, that is, the owner of the funds, has authorized the expenditure of these funds.

Second, the authorization certificate is undeniable (undeniable).

Third, the signature proves that the transaction (or a specific part of the transaction) has not been and cannot be modified by anyone after signing.

Create a digital signature

In the implementation of ECDSA algorithm of Bitcoin, the signed "message" is the transaction, or more accurately, the hash value of a specific subset of data in the transaction (see signature hash type).

The signing key is the user's private key, and the result is a signature:

((Sig = F{sig}(F{hash}(m),dA)))

This is:

● dA is the signature private key.

M is a transaction (or part of it)

● F hash is a hash function.

Fsig is a signature algorithm.

Sig is the result signature.

More details of ECDSA mathematical operations can be found in the ECDSA mathematical chapter.

The function F Sig generates a Signature sig consisting of two values, usually called r and s:

Sig = (R,S)

Signature serialization (DER)

After unlocking script serialization:

3045022 100884d 142d 86652 a 3f 47ba 4746 EC 7 19 bbf BD 040 a 570 b 1 deccbb 6498 c 75 C4 AE 24 CB 02204 b 9 f 039 ff 08 df 09 CBE 9 f 6 addc 960298 CAD 530 a 863 ea 8 f 53982 c 09 db 8 f 66

Contains the following 9 elements:

● 0x30 indicates the beginning of the DER sequence.

●0x 45- Sequence length (69 bytes)

●0x 02- an integer value

●0x 2 1- integer length (33 bytes)

●R-00884d 142d 86652 a3 f 47 ba 4746 EC 7 19 bbf BD 040 a 570 b 1 dec cbb 6498 c 75 C4 AE 24 CB

● 0x02-Next is an integer.

●0x 20- integer length (32 bytes)

●S-4b 9 f 039 ff 08 df 09 CBE 9 f 6 a ddac 960298 CAD 530 a 863 ea 8 f 53982 c 09 db 8 f 6 e 38 13

The suffix (0x00 1) indicates the hash type used (SIGHASH_ALL).