Replying to Avatar Jay

I'm looking at the white paper, and it only shows the sender signing a combination of his utxo's hash and the recipient's public key. Where does the address come into the picture and how does the signature work out if the recipient's public key is obfuscated in that signature?

I think you explained that in your note but it went over my head.
Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

The addresses are the out points, there is usually 2 but there can be any number, and each of these addresses designate the spending key for next time. The signature itself, when combined with the hash of the transaction, reveals the public key the address is derived from, and thus proves the right of ownership.

The public key is hidden until the tx is lredy history. This means also that quantum computers don't matter so long as you don't reuse and continue to hold coins at the dress.

The signature logarithm is based on a specific number series that is derived from a tiny seed, which is too small to manipulate to back door it, meaning to hide numbers in it that allow multiple solutions. The other ones used in blockchins do not have this property.

The vulnerability that was discovered that led to segwit related to the ECDSA signatures, which llow a much larger set of other solutions that is referred to as malleability. Schnorr signatures, like used in nostr, and taproot, don't have this problem. They can also be used in the same way here the txid hash and signature reveal the public key, but lso make it easy to function like a keychain, creating a mechanism for encoding multiple codes tied to a single key, which can be used to represent the lternte pths of execution of a smart contract.

Reply to this note

Please Login to reply.

Discussion

Avatar
Comte de Sats Germain 1y ago

Geniuses... F'n geniuses...

Your A key isn't hitting

Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

yeah, touchscreen display is not great on the edge... you can tell i'm using it because it puts capital letters and especially missing teh A and often breaks a sentence by putting a full stop in there

Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

yeah just wanted to clear something, each utxo has to be signed on, and that reveals the public key, the specification of where they go is defined by the out points

in the transaction there is inpoints, which are the address that is spent to, and outpoints, which is where you are sending them... if you have had two payments go to an address, you can spend those with one signature that authorises that address balance to move

so if you are spending a larger amount, you will often have several signatures to create, and usually all but one will be going to one destination, by joining utxo's to spend them into one new balance at a new addresn, so yeah they can be split and joined, and from the point of view of an observer, it can be unclear which is change and which is payment, also, this is one of the core problems with chain analysis, because a better design of transaction can defeat any notion of which is payment and which is change, in fact, for example you could conceivably ask someone to give you 3 addresses to send to, and make 4 of your own change addresses, and who's gonna know which is which?

this is a neat thing you can do with Bitcoin Core also, in the settings enable coin control and you can be selective about everything, including, if you create several of your own change addresses manually, make it entnirely impossible to determine what is "spending" and what is not.

Avatar
Jay 1y ago

Thanks for explaining all this 🙏

Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

sorry it was all disorganised tho... i'm not an expert on bitcoin scripting exactly, but i understand the cryptography, that's an area where i'm a low key expert