...by Daniel Szego
quote
"Simplicity is the ultimate sophistication."
Leonardo da Vinci

Sunday, August 5, 2018

Keys and addresses in a blockchain protocol


In a blockchain system, transactions usually form a {sender, recipient, amount} set which are signed by the private key of the sender to make sure the identity. However the exact implementation might vary depending on how the addresses are generated. In the easiest case, an address is simply the public key, consequently signing and verifying look as:

sign: data = sender, recipient, value    with key = private key of the sender
verify: data = sender, recipient, value    with key = sender (which is the public key of the sender)

However if more complicated cases, the public key of the sender is not stored directly, because the address is generated by an additional one way hash function of the public key. So at verifying the transaction, the public key of the sender has to be explicitly transferred or implied somehow:

signdata = sender, recipient, value    with key = private key of the sender
verifydata = sender, recipient, value    with key = private key of the sender, which is however not the same as the address of the sender.