Cryptography is a vital aspect of the Bitcoin blockchain. Without it, the blockchain's security and decentralization will collapse. In the previous chapter, we discussed how hashing—a form of cryptography—works with Bitcoin's Proof-of-Work (PoW) consensus mechanism. You can review what hashing is in the previous chapters.
However, cryptography is not only present in Bitcoin's Proof-of-Work consensus system, but also in the digital wallets people use.
Let’s talk about digital signatures. Think of it as signing a document using Microsoft Word, except more advanced and secure.
To better understand digital signatures, let's draw a real-world analogy with physical signatures. Let's say Pedro wants to sign a document for his new project. Ideally, the signature must consist of the following properties:
2. Not prone to counterfeit
3. Secure from any form of tampering
Unfortunately, the physical and digital signatures we have today do not guarantee all these three properties. Whenever we sign something using a pen or a computer program, there is always a risk of a bad actor copying or tampering with our signature.
Bitcoin's digital signatures are safe from all of that. They're verifiable, secure, and protected from counterfeit. Bitcoin transactions will always require a digital signature before they go through.
Let's examine how this works.
The concept of digital signatures in the Bitcoin network is possible as a result of asymmetric cryptography, which involves a pair of unique keys containing a private and public key. We'll also need to understand what a wallet and a public address are.
A Bitcoin wallet is a digital wallet that can facilitate transactions with other wallets in the network, just like GCash or PayMaya. Most wallets can be downloaded online free of charge, while others are sold in physical retail shops. Each wallet comes with its own private and public key pair.
A private key is a string of random letters and numbers. This is equivalent to the password to your bank account. You should never share this with anyone.
A public key is a string of letters and numbers derived from the private key. This public key is used to generate your wallet's public address. It is safe to share with others.
A public address is a string of random letters and numbers derived from the public key. A wallet's public address is similar to your bank account number wherein you give it when you want to receive bitcoin. It is safe to share with others.
The private and public key pair has a particular property that is vital to asymmetric cryptography. Both these keys can either encrypt a message, while the other can decrypt it. Either key cannot have both functions at the same time in a process.
Encryption is the action of converting a message into an unrecognizable form of data.
Decryption is the action of taking these unrecognizable data back into their original form.
Let's revisit Pedro and Darna's transaction. For Pedro to send his bitcoin to Darna, he must first prove that he owns the coins. How? Through a digital signature.
Digital signatures come into play before Step 1.
Step 0.1: Darna gives Pedro her public address where she wants to receive the two (2) bitcoin.
Step 0.2: Pedro enters Darna's public address into his wallet along with other transaction details such as the amount.
Step 0.3: Pedro's wallet signs the transaction using a digital signature. This proves Pedro's ownership of the two (2) bitcoin that he wants to send.
This is automatically done by the digital wallet. All the user needs to do is to press a button to digitally sign the transaction. Easy peasy.
Step 1: Pedro presses “send” using his Bitcoin wallet and the rest of the steps follow.
How did a digital signature sign a transaction in Step 0.3?
In Step 0.3, Pedro signed (encrypted) the transaction with his private key. The miners in the network then verified (decrypted) the transaction using Pedro's public key, which is available to everyone.
Remember: You can use either the private or public key to encrypt a message and the other to decrypt it.
Simply put, the miners used Pedro's public key to verify if his wallet's digital signature was valid.
Think of it as a transparent safe. In this example, the public key is a key that allows people to see and verify the activity inside it without having direct access or control over the money.
Digital signatures are essential in conducting transactions because through these signatures, ownership of funds is proven in the network without exposing your private key. This is especially important for decentralized networks like Bitcoin since there isn't a central body to verify who owns what.
When you write a check, you use your physical signature. When you send money from an online wallet, you log in using your username and passcode. With Bitcoin, you digitally sign it using cryptography. How cool is that?
Have you ever wondered how much bitcoin there is? Hundreds? Thousands? Millions? Billions even? Check out the next chapter to find out!