What is a digital signature?

In the last article, we looked at public-key cryptography and its features. In this part, we will look at the digital signature, which is a typical example of using public-key cryptography.

Signing is a common task that everyone experiences in life. When you make a card payment or write a contract, you also write your signature. There are two main effects that can be achieved through signatures. The first is Authenticity, and the second is Non-Repudiation. (Integrity is also an important factor, but not essential for understanding, so I will skip it)

Let's say the school you graduated from issues a graduation certificate and submits it to the company. Graduation certificates include the signature (seal) of the school division. When you submit the certificate to the company, the company can tell by looking at the signature to verify that the certificate is indeed a school-issued certificate. From your point of view, it is used for the purpose of confirming to the company that it is a certificate issued by the school. This characteristic is called Authenticity.

When you make a transaction through internet banking or similar, you sign it. From the bank's perspective, the purpose of the signature here is to ensure that the sender cannot deny the fact that he has approved the transaction, that is, the sender cannot say "I never sent money" afterward. This non-repudiation feature is important to the bank because the bank has verified the details of your transfer and even if you deny it later, the bank would have their justification for adjusting the amount.

What if someone writes and digitally signs a transaction to transfer the asset that they do not actually own? A digital signature contains public key information, from which an address, information can be obtained to identify the user. The signer and sender of the transaction history must match, and if the sender does not have an asset, the digital signature will not be accepted on the network and will not be uploaded to the blockchain. Similarly, while the digital signature is valid, but if the transaction details are invalid, then this transaction will also not be accepted on the network.

Now you know that you need a digital signature to make a transfer in a blockchain environment, and you need a private key to create a digital signature. Through this, in order to transfer assets from the blockchain, the signer's assets stored in the blockchain must exist.

If so, how can the recipient of the transfer, verify the assets they have received? Also, how can the receiver take over the 'authority of use' for the transferred amount? If it is simply a bank, the bank can manage it by decrementing A's balance in the database and increasing B's balance, but in the blockchain, you need to understand the address. In the next article, we will look at the concept of 'address' and the hash function, which is a cryptographic system for creating addresses.