Intermediate Bitcoin

How does Bitcoin really work? This page goes deeper than the beginner material on our main Bitcoin page. Make sure you understand the videos and explanations there before moving on to this page.

Digital signature / SHA-256 Cryptographic Hash Algorithm / Computational Work / Ledger / Computationally infeasible / Hash Function / Proof of Work

Digital signature

Digital signatures are used in Bitcoin to prove that you own a private key without having to reveal it (which proves that you are authorized to spend the associated funds). A digital signature also ensures that a transaction cannot be modified by anyone after it has been signed.

Bitcoin's digital signatures are created with the Elliptic Curve Digital Signature Algorithm (ECDSA).

The digital signature scheme consists of two parts: 1) signing, where you use the private key to produce a digital signature, and 2) verifying, where the message and the public key are used to check that the digital signature really was made with the private key associated with that public key.

For practical uses, the most important elements to be aware of are the following:

  • the digital signature is created using your private key;

  • signing is an offline procedure: no internet connection is needed, you just need your private key (important, for example, when creating cold wallets);

  • the digital signature and the public key are enough for nodes to verify that the private key associated with that public key made the signature;

  • the digital signature is normally made by a wallet. With a hardware wallet, the whole signing process happens inside the device, and only the already signed transaction leaves it.

The digital signature is thus needed to move funds and interact with the Bitcoin network.

In Bitcoin we have the transaction (which plays the role of the message) and the private key, which is used as the signing key for that message.

The digital signature can be applied to the whole transaction, committing to all the inputs and outputs (and every other transaction field). Alternatively, it can commit to only a subset of the transaction.

The SIGHASH flag is 1 byte appended to the signature; it indicates which part of the transaction data is included in the hash signed by the private key.

For these reasons, each input in a Bitcoin transaction can be signed independently. This means that the digital signatures involved need not belong to the same owner. The same is true for inputs. This makes it possible to create transactions known as CoinJoin, in which multiple owners take part to produce a privacy-enhanced transaction.
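How the trailing SIGHASH byte selects what a signature commits to, as an added example (not from the original page). It goes beyond the text by naming the standard flag values ALL (0x01), NONE (0x02), SINGLE (0x03) and ANYONECANPAY (0x80), which the page does not list; the function names and the sample signature bytes are constructed for illustration.

```python
SIGHASH_ALL, SIGHASH_NONE, SIGHASH_SINGLE = 0x01, 0x02, 0x03
SIGHASH_ANYONECANPAY = 0x80
BASE_NAMES = {SIGHASH_ALL: "ALL", SIGHASH_NONE: "NONE", SIGHASH_SINGLE: "SINGLE"}

def split_signature(sig_with_type: bytes):
    """Separate the signature body from the trailing 1-byte SIGHASH flag."""
    if len(sig_with_type) < 2:
        raise ValueError("too short to carry a signature plus SIGHASH byte")
    return sig_with_type[:-1], sig_with_type[-1]

def committed_parts(sighash: int, n_inputs: int, n_outputs: int, input_index: int):
    """Return (flag name, committed input indexes, committed output indexes)."""
    base = sighash & 0x7F
    anyone_can_pay = bool(sighash & SIGHASH_ANYONECANPAY)
    if not 0 <= sighash <= 0xFF or base not in BASE_NAMES:
        raise ValueError(f"non-standard SIGHASH byte {sighash:#04x}")
    if not 0 <= input_index < n_inputs:
        raise ValueError("input_index out of range")
    # ANYONECANPAY: commit only to the input being signed, so others can add inputs
    inputs = [input_index] if anyone_can_pay else list(range(n_inputs))
    if base == SIGHASH_ALL:
        outputs = list(range(n_outputs))      # every output is fixed
    elif base == SIGHASH_NONE:
        outputs = []                          # outputs are left open
    else:
        if input_index >= n_outputs:
            # No output at the same index: refuse rather than sign blindly
            raise ValueError("SIGHASH_SINGLE needs an output at the input's index")
        outputs = [input_index]               # only the paired output is fixed
    name = BASE_NAMES[base] + ("|ANYONECANPAY" if anyone_can_pay else "")
    return name, inputs, outputs

def review_coinjoin(sigs_with_type, n_outputs):
    """Check that every participant's signature commits to the whole transaction."""
    n_inputs = len(sigs_with_type)
    full = (list(range(n_inputs)), list(range(n_outputs)))
    for index, raw in enumerate(sigs_with_type):
        _, flag = split_signature(raw)
        _, ins, outs = committed_parts(flag, n_inputs, n_outputs, index)
        if (ins, outs) != full:
            return False
    return True
```

A wallet reviewing a multi-owner transaction can use a check like `review_coinjoin` to confirm that no signature leaves inputs or outputs open to later change.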

SHA-256 Cryptographic Hash Algorithm

A cryptographic hash (sometimes called ‘digest’) is a kind of ‘signature’ for a text or a data file. SHA-256 generates an almost-unique 256-bit (32-byte) signature for a text.

A hash is not ‘encryption’ – it cannot be decrypted back to the original text (it is a ‘one-way’ cryptographic function, and is a fixed size for any size of source text). This makes it suitable when it is appropriate to compare ‘hashed’ versions of texts, as opposed to decrypting the text to obtain the original version.

Such applications include hash tables, integrity verification, challenge handshake authentication, digital signatures, etc.

  • ‘challenge handshake authentication’ (or ‘challenge hash authentication’) avoids transmitting passwords in the ‘clear’ – a client can send the hash of a password over the internet for validation by a server without risk of the original password being intercepted

  • anti-tamper – link a hash of a message to the original, and the recipient can re-hash the message and compare it to the supplied hash: if they match, the message is unchanged; this can also be used to confirm no data-loss in transmission

  • digital signatures are rather more involved, but in essence, you can sign the hash of a document by encrypting it with your private key, producing a digital signature for the document. Anyone else can then check that you authenticated the text by decrypting the signature with your public key to obtain the original hash again, and comparing it with their hash of the text.
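The challenge handshake from the first bullet, as an added example (not from the original page): the client answers a fresh server nonce with an HMAC-SHA-256 keyed by the shared secret, so neither the password nor a reusable hash of it crosses the wire. The `Server` class, `client_response` and the sample credentials are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def client_response(secret: bytes, challenge: bytes) -> bytes:
    """Client side: prove knowledge of the secret for this challenge only."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()

class Server:
    """Server side: issues single-use challenges and checks responses."""

    def __init__(self, secrets_by_user):
        self._secrets = dict(secrets_by_user)
        self._pending = {}

    def challenge(self, user: str) -> bytes:
        nonce = secrets.token_bytes(16)       # fresh and unpredictable per attempt
        self._pending[user] = nonce
        return nonce

    def verify(self, user: str, response: bytes) -> bool:
        nonce = self._pending.pop(user, None)  # a challenge is consumed on first use
        secret = self._secrets.get(user)
        if nonce is None or secret is None:
            return False
        expected = client_response(secret, nonce)
        # Constant-time comparison avoids leaking how many bytes matched
        return hmac.compare_digest(expected, response)

def demo():
    """Constructed run: one valid login, then a replay of the captured response."""
    server = Server({"alice": b"correct horse battery staple"})
    first = server.challenge("alice")
    captured = client_response(b"correct horse battery staple", first)
    accepted = server.verify("alice", captured)
    server.challenge("alice")                  # new attempt, new nonce
    replay_accepted = server.verify("alice", captured)
    return accepted, replay_accepted
```

`demo()` returns `(True, False)`: the response is valid once, and replaying it against a later challenge fails.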

SHA-256 is one of the successor hash functions to SHA-1 (collectively referred to as SHA-2), and is one of the strongest hash functions available. SHA-256 is not much more complex to code than SHA-1, and has not yet been compromised in any way. The 256-bit key makes it a good partner-function for AES. It is defined in the NIST (National Institute of Standards and Technology) standard ‘FIPS 180-4’. NIST also provide a number of test vectors to verify correctness of implementation. There is a good description at Wikipedia.

Safely Storing Bitcoin for the long term

Theft and the risk of being hacked are top concerns when designing a protocol and solution to safely store bitcoin for the long term. Taking the time to learn the latest technology and using the most secure products will give you a better chance of holding on to your bitcoin.

Here are the tools used in an example storage solution that was designed for educational purposes:

Tor - open source software that allows anonymous internet communication. The Wasabi desktop wallet integrates it seamlessly.

Bitcoin Core - Run your own full node

NordVPN - When making Bitcoin transactions on your desktop wallet, it is good practice to use a VPN. This prevents your ISP, or hackers listening in on your connection, from tying your IP address (and therefore your personal identity) to your Bitcoin transactions. It’s a good privacy practice that is cheap and easy to implement.

Desktop wallet - Specter Desktop, Sparrow Bitcoin Wallet or Wasabi - All are desktop GUI wallets optimized to work with a Bitcoin Core full node and with hardware wallets.

Hardware wallet - Coldcard - The only hardware wallet with the option never to be connected to a computer for its full operation, from seed generation to transaction signing. Uses PSBT (BIP174) natively!