Video: Blockchain Architecture - Introduction To Signatures

## An Introduction to Cryptographic Signatures Welcome to our lesson on cryptographic signatures, the mathematical foundation that secures blockchain transactions. Before we dive in, it's important to distinguish between "crypto" as in cryptocurrencies and "cryptography." Cryptography is the underlying science of secure communication that makes cryptocurrencies possible. It allows us to verify that a transaction is authentic and truly comes from the person who claims to have sent it. ### Signing and Sealing: A Physical Analogy To understand how digital signatures work, let's imagine a real-world scenario. Suppose I want to send a physical letter to my friend, Patrick. I write my message, sign my name at the bottom, and place it in an envelope. For extra security, I seal the envelope with a unique wax stamp that only I possess. When Patrick receives the letter, he can instantly verify two crucial things: 1. **Integrity:** The wax seal is unbroken, proving the message hasn't been opened or tampered with in transit. 2. **Authenticity:** He recognizes my unique seal, confirming the letter is genuinely from me. This process of signing a message and sealing it with a unique identifier is a perfect analogy for how cryptographic signatures secure transactions on the blockchain. ### The Core Components of Blockchain Identity Digital identity and security on the blockchain rely on a system called **public key cryptography**. This system gives every user a pair of mathematically linked keys. Let's break down each component. #### Private Key The **private key** is the most critical piece of secret data you own. Think of it as your unique signature stamp from our analogy. It is used to create a digital signature for any message, such as a transaction. * **Function:** To sign and authorize transactions. * **Security:** Your private key must be kept secret at all times. **Never share it with anyone.** If someone gains access to your private key, they gain complete control over your account and can sign transactions to steal your funds. #### Public Key The **public key** is derived from your private key and is safe to share with others. In our analogy, this is like your public mailbox address. * **Function:** To allow others to verify that a signature was created by the corresponding private key. * **The One-Way Relationship:** You can easily generate a public key from a private key, but it is computationally impossible to reverse the process and derive a private key from a public key. This one-way function is what makes public verification possible without compromising your security. #### Wallet Address An Ethereum **wallet address** is a shorter, more convenient version of your public key—like a nickname for your mailbox. It is derived by taking the Keccak-256 hash of your public key and using the last 20 bytes (40 hexadecimal characters), prefixed with `0x`. This is the address you share to receive funds. #### Seed Phrase A **seed phrase** (or mnemonic phrase) is a list of 12 or 24 words that acts as the master key for your entire wallet. * **Function:** All of your private keys are deterministically derived from this single phrase. If you lose access to your wallet, you can restore it on any device using only your seed phrase. * **Security:** Protecting your seed phrase is the single most important rule of wallet security. If someone gets your seed phrase, they have access to *every account* and all the funds within that wallet. #### Digital Signature A **digital signature** is the unique piece of data generated when you sign a message (like a transaction) with your private key. A valid signature proves two things: 1. **Authenticity:** The message was signed by the owner of the private key associated with a specific public address. 2. **Integrity:** The content of the message has not been changed or tampered with since it was signed. ### A Practical Demonstration: ECDSA Signatures Let's walk through how these concepts work in practice using the ECDSA Signatures demo, which you can find at **`demos.updraft.cyfrin.io`**. 1. **Generate a Seed Phrase:** The process begins by generating a 12-word seed phrase (e.g., "either", "today", "family", "jar"...). This is the root of your wallet's identity. 2. **Derive Private Keys:** From this single seed phrase, multiple private keys can be derived for different accounts (Account 0, Account 1, etc.). Each private key is a long, unique hexadecimal string. 3. **Derive Public Keys:** Next, a corresponding public key is generated from each private key using elliptic curve cryptography. This step visually demonstrates the one-way relationship from private to public key. 4. **Generate Addresses:** From each public key, the shorter, user-friendly Ethereum wallet address is generated. This is the public identifier for sending and receiving assets. 5. **Sign a Message:** Now, we can sign data. Let’s take two examples: * **Custom Message:** We type a simple message: `Hi Patrick, SmartContractProgrammer is really cool! From Cira`. We then sign it using the private key for Account 0. The result is a unique digital signature. * **Ethereum Transaction:** We construct a transaction with fields like `to`, `value`, and `nonce`. This entire block of data is treated as the message. Signing it with a private key produces a signature that authorizes the transfer of funds. 6. **Verify the Signature:** The final step is verification. To confirm a signature is valid, a verifier (like the blockchain) needs three things: the signer's public address, the original message, and the signature itself. * **Valid Case:** If you provide the correct address, the original, unaltered message, and the corresponding signature, the verification passes. * **Invalid Case (Tampered Message):** If even a single character in the message is changed (e.g., from "Cira" to "Jess"), the signature no longer matches the message. The verification will fail, proving the message's integrity has been compromised. * **Invalid Case (Wrong Signer):** If you try to verify the signature against the wrong address (e.g., using Account 1's address for a signature made by Account 0), the verification will fail. This proves the message's authenticity and confirms who signed it. ### The Golden Rules of Wallet Security The cryptographic principles that secure a small transaction are the same ones that secure the entire multi-billion dollar blockchain ecosystem. Your security depends on protecting your secrets. * **DO NOT EVER** share your private key or seed phrase with anyone or any website. * Never type your seed phrase or private key into a website. * Never store them in plain text on your computer, in the cloud, or in a digital message. * Never take a photo of them with your phone. In our next lesson, we will explore **Proof of Stake**, where we will see how these same signature principles are used by network validators to sign and secure entire blocks, ensuring the integrity of the whole blockchain.

An Introduction to Cryptographic Signatures

Welcome to our lesson on cryptographic signatures, the mathematical foundation that secures blockchain transactions. Before we dive in, it's important to distinguish between "crypto" as in cryptocurrencies and "cryptography." Cryptography is the underlying science of secure communication that makes cryptocurrencies possible. It allows us to verify that a transaction is authentic and truly comes from the person who claims to have sent it.

Signing and Sealing: A Physical Analogy

To understand how digital signatures work, let's imagine a real-world scenario. Suppose I want to send a physical letter to my friend, Patrick. I write my message, sign my name at the bottom, and place it in an envelope. For extra security, I seal the envelope with a unique wax stamp that only I possess.

When Patrick receives the letter, he can instantly verify two crucial things:

Integrity: The wax seal is unbroken, proving the message hasn't been opened or tampered with in transit.
Authenticity: He recognizes my unique seal, confirming the letter is genuinely from me.

This process of signing a message and sealing it with a unique identifier is a perfect analogy for how cryptographic signatures secure transactions on the blockchain.

The Core Components of Blockchain Identity

Digital identity and security on the blockchain rely on a system called public key cryptography. This system gives every user a pair of mathematically linked keys. Let's break down each component.

Private Key

The private key is the most critical piece of secret data you own. Think of it as your unique signature stamp from our analogy. It is used to create a digital signature for any message, such as a transaction.

Function: To sign and authorize transactions.
Security: Your private key must be kept secret at all times. Never share it with anyone. If someone gains access to your private key, they gain complete control over your account and can sign transactions to steal your funds.

Public Key

The public key is derived from your private key and is safe to share with others. In our analogy, this is like your public mailbox address.

Function: To allow others to verify that a signature was created by the corresponding private key.
The One-Way Relationship: You can easily generate a public key from a private key, but it is computationally impossible to reverse the process and derive a private key from a public key. This one-way function is what makes public verification possible without compromising your security.

Wallet Address

An Ethereum wallet address is a shorter, more convenient version of your public key—like a nickname for your mailbox. It is derived by taking the Keccak-256 hash of your public key and using the last 20 bytes (40 hexadecimal characters), prefixed with 0x. This is the address you share to receive funds.

Seed Phrase

A seed phrase (or mnemonic phrase) is a list of 12 or 24 words that acts as the master key for your entire wallet.

Function: All of your private keys are deterministically derived from this single phrase. If you lose access to your wallet, you can restore it on any device using only your seed phrase.
Security: Protecting your seed phrase is the single most important rule of wallet security. If someone gets your seed phrase, they have access to every account and all the funds within that wallet.

Digital Signature

A digital signature is the unique piece of data generated when you sign a message (like a transaction) with your private key. A valid signature proves two things:

Authenticity: The message was signed by the owner of the private key associated with a specific public address.
Integrity: The content of the message has not been changed or tampered with since it was signed.

A Practical Demonstration: ECDSA Signatures

Let's walk through how these concepts work in practice using the ECDSA Signatures demo, which you can find at demos.updraft.cyfrin.io.

Generate a Seed Phrase: The process begins by generating a 12-word seed phrase (e.g., "either", "today", "family", "jar"...). This is the root of your wallet's identity.
Derive Private Keys: From this single seed phrase, multiple private keys can be derived for different accounts (Account 0, Account 1, etc.). Each private key is a long, unique hexadecimal string.
Derive Public Keys: Next, a corresponding public key is generated from each private key using elliptic curve cryptography. This step visually demonstrates the one-way relationship from private to public key.
Generate Addresses: From each public key, the shorter, user-friendly Ethereum wallet address is generated. This is the public identifier for sending and receiving assets.
Sign a Message: Now, we can sign data. Let’s take two examples:
- Custom Message: We type a simple message: Hi Patrick, SmartContractProgrammer is really cool! From Cira. We then sign it using the private key for Account 0. The result is a unique digital signature.
- Ethereum Transaction: We construct a transaction with fields like to, value, and nonce. This entire block of data is treated as the message. Signing it with a private key produces a signature that authorizes the transfer of funds.
Verify the Signature: The final step is verification. To confirm a signature is valid, a verifier (like the blockchain) needs three things: the signer's public address, the original message, and the signature itself.
- Valid Case: If you provide the correct address, the original, unaltered message, and the corresponding signature, the verification passes.
- Invalid Case (Tampered Message): If even a single character in the message is changed (e.g., from "Cira" to "Jess"), the signature no longer matches the message. The verification will fail, proving the message's integrity has been compromised.
- Invalid Case (Wrong Signer): If you try to verify the signature against the wrong address (e.g., using Account 1's address for a signature made by Account 0), the verification will fail. This proves the message's authenticity and confirms who signed it.

The Golden Rules of Wallet Security

The cryptographic principles that secure a small transaction are the same ones that secure the entire multi-billion dollar blockchain ecosystem. Your security depends on protecting your secrets.

DO NOT EVER share your private key or seed phrase with anyone or any website.
Never type your seed phrase or private key into a website.
Never store them in plain text on your computer, in the cloud, or in a digital message.
Never take a photo of them with your phone.

In our next lesson, we will explore Proof of Stake, where we will see how these same signature principles are used by network validators to sign and secure entire blocks, ensuring the integrity of the whole blockchain.

An Introduction to Cryptographic Signatures

Signing and Sealing: A Physical Analogy

The Core Components of Blockchain Identity

Private Key

Public Key

Wallet Address

Seed Phrase

Digital Signature

A Practical Demonstration: ECDSA Signatures

The Golden Rules of Wallet Security

Introduction To Signatures

What you'll learn

Course Description

Who is this course for?

Potential Careers

Meet your instructors

Thanks for checking us out

What you'll learn

Course Description

Who is this course for?

Potential Careers

Meet your instructors