Consica Labs

Consica Labs
Chapter 8

Digital Signatures

Signing transactions with cryptographic proof

Definition

A Digital Signature is a mathematical scheme for verifying the authenticity and integrity of digital messages or documents. It provides three guarantees: Authentication (the signature was created by someone possessing the Private Key corresponding to a specific Public Key), Non-Repudiation (the signer cannot deny having signed the message), and integrity (the message was not altered after signing). Key concepts include Verification.

Digital Signature in blockchain work through public-key cryptography. To sign, the sender Hash the message and encrypts the Hash with their Private Key. To verify, anyone can decrypt the signature using the sender's Public Key to reveal the Hash, then independently Hash the message. If the Hash match, the signature is valid. This proves the sender controls the Private Key and the message is authentic. The Elliptic Curve Digital Signature Algorithm (ECDSA) is the standard used by Bitcoin and most blockchains.

Real-Life Example

Think of a Digital Signature like signing a check. When you write a check, your handwritten signature authorizes the bank to transfer money from your account. The bank verifies your signature against their records. A Digital Signature works the same way but is mathematically unforgeable. Unlike a handwritten signature that can be copied, a Digital Signature is unique to both the signer AND the specific document — you cannot copy someone's Digital Signature from one document and attach it to another.

A practical example: In 2020, the state of Illinois passed a law allowing blockchain-based Digital Signature for business records. A company can now sign contracts using the same ECDSA technology that Bitcoin uses. The signature is legally binding and provably authentic. If a dispute arises, anyone can verify the signature by checking it against the signer's Public Key on the blockchain, without needing a handwriting expert or notary.

Interactive Diagram

Launch the interactive diagram to see this in action.

Open Interactive Diagram

The interactive diagram for this chapter demonstrates Hashes. It shows a hash function taking input data and producing a fixed-length output (hash).

What to explore:

  • type different inputs; watch the hash output change completely; see how even tiny changes produce entirely different hashes
  • a hash function converts any input into a fixed-length fingerprint — even changing one letter produces a completely different hash

Introduction

How does the blockchain know that you authorized a transaction? How does it prove that a transaction came from you and not from someone pretending to be you? The answer is Digital Signature. A Digital Signature is a mathematical scheme that proves you signed a specific message, much like your handwritten signature proves you signed a paper document — but much more secure.

Digital Signature are built on public-key cryptography. They provide three essential properties: Authentication (the signature proves the signer's identity), Non-Repudiation (the signer cannot later deny signing), and integrity (the signed message cannot be changed without invalidating the signature). Every blockchain transaction includes a Digital Signature proving the owner authorized it.

In this chapter, you will learn how Digital Signature work, how they are created and verified, and why they are essential for blockchain security. By the end, you will understand why Digital Signature are the foundation of ownership and authorization in cryptocurrency.

How It Works

Creating a Digital Signature works like this: Alice has a message (a transaction: 'Pay Bob 5 BTC'). She runs the message through a Hash function to get a digest. Then she encrypts that digest with her Private Key. The result is the Digital Signature. She sends both the original message and the signature to the network. Only Alice's Private Key can create a valid signature for this message.

Verifying a Digital Signature works like this: Bob (or any node) receives the message and signature. They decrypt the signature using Alice's Public Key, which produces a Hash. They also Hash the original message themselves. If the two Hash match, the signature is valid. This proves: (1) the message was signed by Alice (because only her Private Key could create a signature that her Public Key can verify), (2) the message has not been tampered with (because any change would produce a different Hash).

Household Object Analogy

Think of a Digital Signature like a wax seal on a medieval letter. The seal was made with a unique stamp (Private Key) that only the sender possessed. Anyone who knew the sender's seal pattern (Public Key) could verify the seal was authentic. If the letter was opened and resealed, the broken seal would show it had been tampered with. Digital Signature work the same way, but with mathematical guarantees instead of wax.

Deeper Dive

The difference between signing and encryption is important. Encryption (encrypt with Public Key, decrypt with Private Key) ensures confidentiality — only the intended recipient can read the message. Signing (sign with Private Key, verify with Public Key) ensures authenticity — anyone can verify who wrote the message. Blockchain transactions use signing to prove ownership, but the transactions themselves are typically not encrypted (on public blockchains, all data is visible to everyone).

The Elliptic Curve Digital Signature Algorithm (ECDSA) is the specific signature algorithm Bitcoin uses. To create a signature, the signer generates a random number (called a nonce, different from the mining nonce), computes a point on the elliptic curve, and then uses mathematical operations involving the Private Key and message Hash to produce two numbers (r and s) that form the signature. This process is well-defined and standardized.

Signature malleability is a known challenge. In some signature schemes, a valid signature can be transformed into a different but still valid signature for the same message by someone who does not know the Private Key. This was exploited in a Bitcoin attack where attackers altered transaction IDs by changing the signature format. The SegWit upgrade (Segregated Witness) fixed this by separating signature data from transaction data, making transaction IDs independent of signature variations.

Key Insight

Your cryptocurrency Private Key is your identity on the blockchain. Whoever holds the Private Key controls the associated funds. There is no 'forgot my password' option, no customer support to call, no way to reverse a transaction. This is why Private Key security is absolutely critical — lose your key, lose your money.

Advanced

Multisignature (multisig) addresses require multiple Private Key to authorize a transaction. A 2-of-3 multisig address, for example, holds funds that require any 2 of 3 designated keys to spend. Multisig is used for joint accounts, corporate treasuries, and escrow services. It provides security against theft (an attacker would need multiple keys) and redundancy (if one key is lost, the others can still access funds).

Schnorr signatures are an alternative to ECDSA that offer several advantages: they produce shorter signatures, they are provably secure (ECDSA's security proof requires extra assumptions), and they support signature aggregation, where multiple signatures (from multiple signers) can be combined into a single signature. This makes multi-signature transactions smaller and more private. Schnorr signatures were added to Bitcoin with the Taproot upgrade in 2021.

Threshold signatures extend the multisig concept. Instead of a 2-of-3 setup requiring three Public Key, threshold signatures use a single Public Key that represents a group. Any subset of the group (say, 3 out of 5 members) can collectively produce a signature that is valid under that single Public Key. An observer cannot tell which members participated. Threshold signatures are more efficient and private than traditional multisig.

Vocabulary Table

TermDefinition
Digital SignatureA cryptographic proof that a specific person authorized a specific message.
ECDSAElliptic Curve Digital Signature Algorithm — the standard signing algorithm for blockchain.
AuthenticationThe process of verifying the identity of a user or device.
Non-RepudiationThe inability to deny having performed an action, ensured by digital signatures.
HashA fixed-length string produced by a one-way function, used as a digital fingerprint.
VerificationThe process of checking that a digital signature matches a message and public key.
Public KeyA cryptographic key shared openly, used to verify signatures.
Private KeyA secret key used to create digital signatures and prove ownership.

Fun Facts

A Bitcoin Digital Signature is between 70 and 73 bytes long. It consists of two 32-byte integers plus a few bytes of formatting.

The ECDSA algorithm used by Bitcoin is the same algorithm used by the US government for classified communications, standardized as FIPS 186-4.

The first known use of Digital Signature was in 1976 by Whitfield Diffie and Martin Hellman, who proposed the concept in their paper 'New Directions in Cryptography'.

A Digital Signature proves you know the Private Key without revealing the Private Key itself. This is an example of a zero-knowledge proof.

Bitcoin transactions can have multiple signatures. A typical transaction has one input signature (from the sender), but multisig transactions can have 3, 5, 15, or more signers.

Common Misconceptions

Misconception: A Digital Signature is a scanned image of your handwritten signature.

Truth: A scanned signature is just an image — it can be copied and pasted onto any document. A real Digital Signature is mathematically tied to both the signer's Private Key and the specific message, making forgery practically impossible.

Misconception: Digital Signature prove who you are.

Truth: Digital Signature prove you control a specific Private Key. They do not directly prove your real-world identity unless the key is linked to your identity through a trusted process (like KYC Verification at a cryptocurrency exchange).

Misconception: Signing a transaction reveals your Private Key.

Truth: Signing proves you have the Private Key without revealing it. The signature is computed from the key and the message, but the key cannot be derived from the signature — that is the fundamental security property of signature algorithms.

Misconception: You can sign a message that you cannot read.

Truth: Signing a Hash of a message is standard practice. You are signing the Hash, not the full message. This is efficient (shorter data to sign) and safe (the Hash uniquely represents the message).

Knowledge Check

1. What does a digital signature prove?

Answer: That the transaction was authorized by the private key owner and has not been altered

2. What is non-repudiation?

Answer: The signer cannot later deny having signed

3. What happens if the same random number is used in two ECDSA signatures?

Answer: The private key can be mathematically recovered