Chapter 8. Digital Signatures
Two signature algorithms are currently
used in Bitcoin, the schnorr signature algorithm and the Elliptic
Curve Digital Signature Algorithm (ECDSA).
These algorithms are used for digital signatures based on elliptic
curve private/public key pairs, as described in “Elliptic Curve Cryptography Explained”.
They are used for spending segwit v0 P2WPKH outputs, segwit v1 P2TR
keypath spending, and by the script functions OP_CHECKSIG,
OP_CHECKSIGVERIFY, OP_CHECKMULTISIG,
OP_CHECKMULTISIGVERIFY, and
OP_CHECKSIGADD.
Any time one of those is executed, a signature must be
provided.
A digital signature serves three purposes in Bitcoin. First, the signature proves that the controller of a private key, who is by implication the owner of the funds, has authorized the spending of those funds. Secondly, the proof of authorization is undeniable (nonrepudiation). Thirdly, that the authorized transaction cannot be changed by unauthenticated third parties—that its integrity is intact.
Note
Each transaction input and any signatures it may contain is completely independent of any other input or signature. Multiple parties can collaborate to construct transactions and sign only one input each. Several protocols use this fact to create multiparty transactions for privacy.
In this chapter we look at how digital signatures work and how they can present proof of control of a private key without revealing that private key.
How Digital Signatures Work
A digital signature consists ...
Get Mastering Bitcoin, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
