Todd Price, Curriculum Specialist at BSV Academy, discussed digital signatures and their role in identity within the context of Bitcoin at the London Blockchain Conference 2023. He covered topics such as what digital signatures are, their purpose and role in redefining digital identity.
He explained the core of Bitcoin’s protocol as chains of digital signatures, delving into the process, mathematical relationships of public and private keys, and the one-way functions involved. Additionally, he highlighted an innovative privacy model in Bitcoin and demonstrated a tool to simplify the signing of Bitcoin transactions, aiming to aid students in understanding transaction scripting and templates.
What are digital signatures
Digital signatures are unique numerical values that ensure a document’s unchanged status over time. The elliptic curve digital signature algorithm (ECDSA) is employed by Bitcoin for transaction reconciliation and security. However, when dealing with transactions above a certain value, identity elements such as email addresses or shipping details become necessary.
Properly executed, these digital signatures hold legal weight, equivalent to a handwritten signature in many jurisdictions. The algorithmic nature of digital signatures allows for interoperability between systems, ensuring secure and instant transactions at the core of the Bitcoin protocol. The security of digital signatures is affirmed by compliance with technical standards set by entities like NIST.
Chain of digital signatures
Price emphasised that the core of the Bitcoin protocol lies in electronic coins, which are defined as chains of digital signatures. He clarified that the concept of a Bitcoin as a specific unit is somewhat misleading. Instead, each Bitcoin is like an envelope, and the Unspent Transaction Output (UTXO) model defines a fixed number of Satoshi tokens within these envelopes.
These tokens are locked with a predefined mathematical puzzle, typically requiring an electronic digital signature to solve. Once the puzzle is solved, the coins can be spent, and the process involves chaining together public keys, hashes, and digital signatures. This chaining ensures a traceable provenance back to the original issuance by miners onto the network.
Public and private keys
Price explained the process of the digital signature algorithm, outlining the steps involved. The algorithm begins with a message, which undergoes hashing to create a fixed-length output. This hash function is deterministic and one-way, making it impossible to deduce the original message from the hash. The hash digest is then mutated with the private key, generating a unique numerical value similar to a handwritten signature.
This signed message, along with one public key, can be shared, allowing the other party to verify the signature using the disclosed key. There exists a mathematical relationship between the private and public keys, governed by a one-way function, specifically the elliptic curve discrete logarithm problem, making it computationally easy in one direction but extremely difficult, almost impossible, to reverse. Price discussed these functions in the following.
One-way functions
The concept of a one-way function achieved through modulo arithmetic is often referred to as clock arithmetic. In modulo arithmetic, calculations focus on the remainder after a function is performed, similar to reading time on a clock. In the context of elliptic curve digital signatures (ECDSA), a clock face with a large prime number of hours is created.
The elliptic curve’s unique property is that any operations performed on its values yield another point on the curve. This is likened to adding hours on a clock face, where, for instance, 10 plus 3 may not equal 13 but could circularly equal 1, highlighting the cyclic nature of the operations.
Elliptic curve point arithmetics
The concept of elliptic curve point arithmetics was further explained by Price. It is a unique form of arithmetics where operations on points within the curve yield another point on the curve. When dealing with points P and Q, drawing a line that intercepts them and the curve results in a point, which is the negative inverse of the addition process, represented as minus P plus Q.
The symmetrical nature allows for flipping and convergence of values. Point doubling, akin to dealing with two identical values, is employed to generate a large number (public key) by mutating a private key through multiple rounds of doubling. To enhance efficiency, the binary representation of the string is utilised, allowing for swift multiplication of a 256-bit key in 256 operations.
Elliptic curve Diffie-Hellman algorithm
Price introduced the Diffie-Hellman key exchange, a process allowing the generation of a shared secret between two parties over a public channel. In this scenario, Alice and Bob each possess a private value and share a common public value. By applying a process to these values, they create separate discrete values that can be exchanged over the public channel.
Through a process of factorisation, they arrive at a shared secret value known only to them. This shared secret can then be used to encrypt communications or derive other key pairs, ensuring secure communication between the parties, which led to the discussion of the privacy model.
Privacy model
In the Bitcoin privacy model, everything is decoupled from one another, and identity management is relegated to second-order systems based on specific use cases. This stands in contrast to the conventional privacy model, where trusted third parties, such as credit card providers, banks, and payment networks, pose vulnerabilities and potential points of data breaches.
By generating a fresh key pair for each transaction, Bitcoin creates a system where all elements are detached from identity. This decentralised approach requires attackers to target individual transactions rather than a central vault, enhancing overall security and privacy.
Demo: Signing a Bitcoin transaction
Price demonstrated a tool he built to demystify the process of signing a Bitcoin transaction. He used an isolated node with stripped security parameters to generate key pairs, create spendable transaction outputs, and build a transaction from scratch. He went through the manual steps of converting values, specifying transaction details, and creating a transaction preimage using the Elliptic Curve Digital Signature Algorithm.
Finally, he signed the transaction, generated a digital signature, and attempted to broadcast the transaction to the reg test network. Despite encountering an error, he explained the typical confirmation process and highlighted the potential for manual errors in the complex process. The tool aims to help students understand Bitcoin transaction scripting and templates, providing a glimpse into the rich potential for handling various transactions in commerce.