This is the 3rd post in the series “The Building Blocks of Blockchain”. You can find the introductory post of the series here.
On a heavy oak stool, there lay a small scroll. She carefully unrolled the scroll, as two keys slipped out from inside it. One of them was copper, the other one golden. She noticed a strange scripture on the scroll:
That which gold petrifies, none but copper shall undo.
“What’s this?” she asked. “It’s an enchanted key pair.”, he replied. “Enchanted?” she asked, as her eyes lit up with thrill. “Try it! Take the golden key and lock that chest over there.” Timberdoodle turned around and saw a small wooden chest, full of brass gears, nuts, and bolts. There was a rusty padlock hanging on its staple. She shut the chest and locked the padlock on it with the golden key.
A piercing cracking sound enveloped them, as the chest suddenly turned into stone. She quickly tried to unlock the padlock in panic, but the golden key wouldn’t turn. “I can’t open it!” she panicked. “Relax.” Hokumpoke comforted her — “Remember what the scroll said.”
Timberdoodle pondered for a second, and then picked up the copper key. She put it in the padlock and turned it to the left. The padlock clicked open, and the chest stood agape in a flash, just as wooden as before.
I’d like you to give yourself a moment to really visualise this little scene of Timberdoodle and her two keys.
Timberdoodle herself was rather confused by the event, and she didn’t quite get why anyone would want to make such a silly pair of keys. She decided to go home and sleep on it.
While she’s asleep, I’d like to tell you a story from the other end of the forest.
Contracts Are Weird
At least I always thought so. You have a big pile of papers saying all kinds of things you’re supposed to agree to. If you scribble your name on the last page of the pile, you’ve signed the contract. Anyone who holds this pile of papers now has proof that you have agreed to everything that’s written on it.
What I always found weird about them, was that it seemed so easy to game the system. I could easily swap out one of the pages in the contract to add a clause saying that you owe me a lifelong supply of peanuts. I wouldn’t even have to touch your signature. But it wouldn’t be that hard to fake your signature either. It’s illegal to do either of those things, but it’s not impossible. If someone did do that to you, you would have to pursue legal action, which is such a drag, and the process takes ages.
Now, when it comes to cryptocurrencies, their purpose is to carry out transactions. But what’s in a transaction? Not much more than this:
- Signature of the sender
It’s basically a contract saying that the sender is giving the recipient a certain amount of money. Since thousands of these transactions have to be carried out every second, it should be quite obvious that making it possible but illegal to change the transaction data or to fake the signature just won’t cut it. It has to be impossible.
Fortunately for us, digital signatures don’t quite work like paper signatures. Like paper signatures, they guarantee the contents of what is signed and they guarantee the identity of the party signing it. Unlike paper signatures, they make it impossible to change contents, and impossible to falsify identity.
Timberdoodle’s Enchanted Key Pair
The magical ingredient that makes digital signatures possible are so-called asymmetric key pairs. They work just like Timberdoodle’s enchanted key pair. They’re called asymmetric because each of them only works one way. The golden key can only lock the chest, and the copper key can only unlock the chest.
In reality, these keys are just very very large numbers. The golden key, i.e. the one that’s used for locking, is called the private key; and the copper key, i.e. the one that’s used for unlocking, is called the public key. Locking in this sense means encrypting a message, and unlocking means decrypting it.
- Golden key = private key, a large number used for encrypting messages
- Copper key = public key, a large number used for decrypting messages
- Locking/unlocking = encrypting/decrypting a message
Here’s an example of such a key pair, to give you an idea about what “very very large number” means:
Private key: 93155050515612370983163764633558747339007116928401713662183993588125059212302 Public key: 65044426400941893018565888471404011024052903416091989803275131610548528439975929483145666179707753254797354298707623581314170512855135822986652814617423560
Yes, each of those two is just one large number, and yes, they’re so big they don’t fit in one row. It’s very easy for a computer to generate such a pair of keys, but once they’re generated, it’s practically impossible to figure out the private key based on the public key.
A message encrypted with a private key can only be decrypted with its corresponding public key that was generated with it, and no other. The reverse is also true — if you can decrypt a message with a public key, you are certain that it was encrypted with its corresponding private key. This is the secret sauce of digital signatures, so I’ll repeat it.
If you can decrypt a message with a public key, you are certain that the message came from the person who has the corresponding private key.
Let me help you visualise that for a second. Let’s say Hokumpoke decides to keep the golden key, and Timberdoodle takes the copper key home with her. A couple of days later, Meerkat the mail man delivers a locked chest to Timberdoodle. She unlocks the chest with the copper key and finds a message inside. Because she was able to open the chest with the copper key, Timberdoodle is now sure that the message came from Hokumpoke, since only he has the golden key.
The message reads:
So Timberdoodle decides to hide her grapes.
How Does This Work in a Blockchain?
If you’ve ever traded cryptocurrency, it probably all started with you having to create an account using a wallet app. What the wallet app actually does when creating an account, is — you guessed it —it generates a new private and public key. The private key is never shown, and never sent. Using the wallet app usually requires a password. This password is used to encrypt your private key before it’s stored on your hard drive, to prevent others from getting your private key if they steal your laptop. The wallet then shows you your new address. An address is like a bank account number in cryptocurrencies. In effect, it’s just a truncated variation of your public key. You then possibly shared this address with a friend of yours to send you some of that cryptocurrency.
To send you some cryptocurrency really just means that they submitted a signed transaction to be added to the blockchain. Remember what a transaction looked like:
- Address of the recipient
- Signature info of the sender
The signature information of the sender consists of the signature and the sender’s public key. And now for the million dollar question.
What is the Signature of the Sender?
To create the signature, the wallet app performs the following 2 steps:
Generating a Signature
- Compute the hash of the transaction data (amount and recipient address)
- Encrypt that hash using the private key of the sender
This encrypted hash of the transaction is in effect the digital signature of the transaction. For a quick refresher on how hashes work, I recommend reading my previous post. The following is an actual example on some sample data. It’s just there to help you visualise the steps, there’s no need to understand any of the values themselves.
Amount: 0.001 ETH Address: 0x48e233335976fb09c99c04b6232b3e5619deeefd --- Hash of transaction data above: 0xe1b01aa0e707e0a7dfcf1122dee01ce02a8dc581ad4f5320711a177f76830207 Signature (above hash encrypted using the sender's private key): MEUCIQDnFAMFHCJjkxGu+dvFZqxzmvN7uMVf5Y1wSinebiTJ6wIgCFoN2Ak04YgGnRVM12uy7wXsoo45xM8MChNwAov46TY= Sender's public key: 0x0454f9a87062a097d7d171032d394ef1ef1d05232bd31226bc4abda15bfd18427613b20b9038b02994b7c851b4433703ec0e7046ee201f1c2b740af20f28cb1410
So how can someone check if this signature is legit?
Validating a Signature
- Compute the hash of the transaction data (amount and recipient)
- Decrypt the signature using the public key of the sender
- Check if the decrypted signature from step 2 is equal to the computed hash of the transaction from step 1
If the comparison in step 3 checks out, the signature is valid.
Amount: 0.001 ETH Address: 0x48e233335976fb09c99c04b6232b3e5619deeefd --- Computed Hash of transaction data above: 0xe1b01aa0e707e0a7dfcf1122dee01ce02a8dc581ad4f5320711a177f76830207 Signature: MEUCIQDnFAMFHCJjkxGu+dvFZqxzmvN7uMVf5Y1wSinebiTJ6wIgCFoN2Ak04YgGnRVM12uy7wXsoo45xM8MChNwAov46TY= Decrypted signature (using the sender's public key): 0xe1b01aa0e707e0a7dfcf1122dee01ce02a8dc581ad4f5320711a177f76830207
The decrypted signature above is equal to the computed hash, so this signature is valid.
Meerkat the Mail Man Meddles
This probably doesn’t look like much of a signature to you yet. To understand why it really is a signature, let’s see if it makes it impossible to change the contents, and impossible to falsify identity. Let’s ask Meerkat the mail man to help us with that by trying to meddle with our transactions.
What if Meerkat changes the transaction data?
If Meerkat changes e.g. the address of the recipient in the transaction, the hash computed in step 1 of the validation will be different from what we get in step 2, so the validation will fail. Meerkat is busted.
What if Meerkat changes the signature data?
If Meerkat just randomly messes with the signature data, step 2 of validation will just fail, because it will not be possible to decrypt the signature at all. Meerkat is busted.
What if Meerkat changes the data AND generates a new signature?
Meerkat will only be able to generate a new signature using a private key. He doesn’t have the original sender’s private key. The only private key he may have is his own private key. If he generates a new signature with his own private key, Meerkat is practically making himself the sender of the transaction. This means it would be Meerkat’s money that would get transferred. Meerkat just “falsified” a transaction by sending us his own money. Nice going, Meerkat.
What if Meerkat forges the sender’s signature?
It is impossible to generate a valid signature without knowing the original sender’s private key. Meerkat gives up on this idea.
What if Meerkat steals the sender’s private key?
That’s a pickle. The sender’s funds are as good as gone. Meerkat now has access to all of the sender’s money. This is why people go to great lengths to keep their private key safe.
There we have it. A fundamental building block for security in blockchain. It boils down to the following 3 points:
- A sender proves a message came from them by signing the message using the private key
- The proof lies in the fact that only the sender can possibly know the private key
- Anyone who knows the public key of the sender can validate the sender’s digital signature
I should note 2 more important points regarding digital signatures.
- Just like hashes, digital signatures are not a mechanism of encryption. A digital signature is sent alongside the data that is signed, but that data is not encrypted. You can choose to encrypt the data, but that’s done separately. In Bitcoin and Ethereum, none of the transaction data is encrypted.
- Digital signatures are absolutely ubiquitous, even outside of blockchain. See that padlock in the address bar of your browser as you’re reading this? That says that your computer received digitally signed information that the page you’re reading really came from Medium.
You know when you touch your credit card on one of those payment devices in a store? There’s actually a tiny computer on your card that uses the private key stored in the card to digitally sign the transaction.
Is This Relevant for the Energy Industry?
Digital signatures are absolutely groundbreaking for the future of the energy industry. One big use case that I’m personally particularly thrilled about is making the origin of renewable energy traceable.T he big enabler for this will be smart meters which are able to digitally sign their measurements. The idea is that these smart meters would be connected to sources of renewable energy like e.g. solar panels on a rooftop. By knowing which public keys belong to smart meters connected to renewable sources, we can prove that a piece of energy came from a renewable source.
This is a big topic which deserves a post of its own, and I’ll make sure to write one once I’m done with the building blocks series. The good news though, is that Germany is already in the process of rolling out smart meters which can produce digital signatures. What a time to be alive! 🙌
Next building block: Distributed Ledgers & Mining
Was that interesting and understandable? Did I share some horrible misinformation? Do you disagree with me? Do you have any questions? Please let me know in the comments or on LinkedIn, or on Twitter :)
The illustration for the Tale of the Enchanted Key Pair was made by Roza for this post. You may reuse it under a Creative Commons (CC) license, so please link to this post if you do.