Asymmetric Cryptography On The Ethereum Blockchain
By Colin Sheppard on ALTCOIN MAGAZINE
The terms: public key, private key, wallet address, signed transaction; all play a role in allowing a user to execute a transaction on a blockchain, but many people struggle to understand what they mean and how they work. I aim to give you an intuitive understanding of the interplay of these terms on the Ethereum blockchain.
In this article I will provide:
- An Introduction to signatures with public and private keys with a non-blockchain-related use case- Giving the same explanation three times from the perspective of 100, 50, and 10 feet.
- An Introduction to public and private keys in the context of the Ethereum blockchain- Relating section 1 to the Ethereum blockchain.
Section 1: An Introduction To Signatures With Public And Private Keys With A Non-Blockchain-Related Use Case
100 ft — Highest level explanation: Let’s say Alice is a member of Bob’s Bank. Alice wants to send a message to Bob: “Send $1 to Jimmy”. Alice wants to be sure that no one changed her message along the way. So here is how Alice would accomplish this using her public and private key:
- Alice “locks” her message with her private key, and then sends the message to Bob.
- After Bob receives the message, he can now “unlock” the message with Alice’s public key and know that Alice was the true sender of the message.
- Bob can now read the message “Send $1 to Jimmy” and update his ledger book to reflect this transaction (-$1 from Alice’s account, +$1 to Jimmy’s account)
50 ft — Medium level explanation: (same scenario as 100 ft but with a little more detail) So again, let’s say Alice want to send her “Send $1 to Jimmy” message to Bob and she wants to be sure that no one changed her message along the way. Here is how Alice would accomplish this using her public and private key but this time with a little more detail:
- Alice generates a hash of her “Send $1 to Jimmy” message. In this context, a hash is a function that takes an input and returns a fixed-length output. For example “h(x) = x mod 10” would be a simple version of such a function. Alice then signs the hash with her private key. A private key signature is the output of a function “f(hash, private_key)” that would be nearly impossible to recreate unless you had the exact same “hash” and “private_key” as input to your function.
- Alice sends Bob the original message “Send $1 to Jimmy” along with the signed hash of the message.
- Bob receives the original message “Send $1 to Jimmy” along with the signed hash of the message. Bob then recreates the hashed version of the original message and uses Alice’s public key to verify that the signed hash was created by Alice’s private key.
- Bob can now update his ledger book to reflect this transaction (-$1 from Alice’s account, +$1 to Jimmy’s account)
10 ft : (same scenario as 100 ft but with code) So for the third time, Alice wants to send her “Send $1 to Jimmy” message to Bob and she wants to be sure that no one changed her message along the way. Here is how Alice would accomplish this using her public and private key but this time using actual code:
- In the code above, Alice plugs her message into the Wallet.sign function. The wallet.sign function hashes the input and then uses the nodejs “elliptic” library to generate a signature.
- After Bob receives the message, he can use the keyFromPublic.verify function from the same nodejs “elliptic” library to verify that the message that Alice sent matches the signature that she provided.
- Bob can now read the message “Send $1 to Jimmy” and update his ledger book to reflect this transaction (-$1 from Alice’s account, +$1 to Jimmy’s account).
Section 2: Public And Private Keys In The Context Of The Ethereum blockchain
But how does the explanation of public and private keys from section 1 relate to the Ethereum blockchain?
Back in section 1, Alice sent a message to Bob, and Bob validated that Alice was the true sender of the message. In section 2, it’s the same idea but instead of Bob validating that Alice was the true sender of the message, the Ethereum blockchain will validate that Alice was the true sender of the message.
In section 2, Alice wants to use her public and private key pair on the Ethereum blockchain to send her ERC20 token to her friend Jimmy.
Also in section 2, instead of Alice sending the message “Send $1 to Jimmy”, Alice’s message will send a command “send 1 Token to Jimmy” on the Ethereum blockchain.
So in our example, the EVM (The Ethereum Virtual Machine is what you call Ethereum “computer” while it is carrying out tasks for you, this is what executes the “send 1 Token to Jimmy” command). The EVM validates the command the same way Bob validated the message in section 1. If the EVM determines that the command came from Alice, it will execute and the token smart contract will be updated to reflect the transaction (-1 token from Alice’s account, +1 token to Jimmy’s account).
Conclusion
Blockchains are heralded as new and revolutionary (which they are) but like any new technology, it stands on the shoulders of its predecessors. The Ethereum blockchain relies heavily on public and private keys which have existed in computing long before their use on the blockchain. Creating a digital signature is just one use case for asymmetric keys but there are others; for example, public and private keys are also used by GitHub for encrypting and decrypting data between the remote host and the client. I personally work with this technology every day at my company Realblocks to provide people greater access to alternative investments. Hopefully after reading this article you have gained an understanding of how public and private keys are being used in a new and interesting way with the Ethereum blockchain.
