
to send, say, Bitcoin, to someone else, you send an encrypted message to the blockchain saying “send x.xx of my Bitcoin to this address.”

But wait. I just told you the blockchain isn’t encrypted, and now I’m telling you the messages to the blockchain are encrypted! So why do you care if the message going to the blockchain is encrypted if you’re just going to decrypt it anyway?

So, what’s the purpose of encrypting a message with the private key? Not to secure it, obviously, because anybody can decrypt it. No, the purpose is to sign the message (transaction) and prove ownership of the associated public key.

Signing messages with the private key

Say that I publish my public key on my website, in my emails, and on my business cards. Now, one day you get a message that seems to come from me. But how can you be sure it’s from me? Well, I encrypted the message using my private key. So, you take my public key (which is publicly available) and use it to decrypt the message. If the message really is from me, my public key will decrypt it, and you’ll be able to read it. If it isn’t, the decryption won’t work, because it came from someone else.

So, by encrypting the message with the private key, I have in effect signed the message, proving that it came from me. The recipient knows that the message was created by the person holding the private key that is associated with the public key that opened the message up and made it readable.

The blockchain address — your money’s home

All the cryptocurrency in the blockchain is associated with addresses. Here’s one I just grabbed from the Bitcoin blockchain using the blockchain explorer at blockchain.com, for example:

1L7hHWfJL1dd7ZhQFgRv8ke1PTKAHoc9Tq

Trillions of different address combinations are possible, so this address is fundamentally unique. Now, where did this address come from? It came from a wallet that generated it from the private key. That wallet contains a public key and a private key.

The public key is associated with the private key; in fact, it’s created from the private key. The address is associated with the public key; in fact, it’s created from the public key. So, all three are mathematically, and uniquely, associated with each other.

Sending a transaction message

So, here’s how cryptography is used when you want to send a transaction to the blockchain, to transfer a cryptocurrency balance to another person. Say there’s an address in the blockchain with Bitcoin associated with it. When I checked, 1L7hHWfJL1dd7ZhQFgRv8ke1PTKAHoc9Tq had a balance of 0.10701382 Bitcoin. Now, say this is your Bitcoin, and you want to send, perhaps, 0.05 Bitcoin to a friend, an exchange, or a merchant from whom you are buying a good or service.

The address I use in this example is a real address; you can see it for yourself in a blockchain explorer. (Use this link to get to it: https://blockstream.info/address/1L7hHWfJL1dd7ZhQFgRv8ke1PTKAHoc9Tq.) At the time of writing, it had 0.10701382 Bitcoin. By the time you see it, the number may be different, of course.

You send a message to the blockchain saying, essentially, “I own address 1L7hHWfJL1dd7ZhQFgRv8ke1PTKAHoc9Tq, and I want to send 0.05 Bitcoin to address 1NdaT7URGyG67L9nkP2TuBZjYV6yL7XepS.”

If I just sent a plaintext (unencrypted) message to the blockchain, there would be a huge problem of verification and validity. How would the Bitcoin node receiving this message know that I do indeed own this address and the money associated with it? I could just be spoofing this information and making this up, right?

What we do is use the wallet to sign the message using the private key associated with the address. In other words, we use the private key to encrypt the message. Then we take the public key, add it to the encrypted message, and send it all out across the cryptocurrency network.

MESSAGE TO THE BLOCKCHAIN

How do you send a message to the blockchain? That’s what your wallet software does. In fact, wallet software is less like a wallet — your wallet contains no cryptocurrency — and more like an email program. Your email program sends messages across the email network. Your wallet sends messages (about transactions) across the cryptocurrency network.

Unraveling the message

So, the node — a computer containing a copy of the cryptocurrency blockchain — receives the message. It takes the public key that has been attached and decrypts the message. The node learns something: “This message must have been encrypted — signed — by the private key associated with the public key.” Of course, that’s not really saying much. It’s virtually a tautology! By definition, if the public key can decrypt a message, the message must have been encrypted with the matching private key. Whoop-de-doo.

But remember, the public key is mathematically associated with the address 1L7hHWfJL1dd7ZhQFgRv8ke1PTKAHoc9Tq. So now the node can examine the two, asking in effect “Is the public key associated with the address?” If the answer is yes, then the node also knows that the private key is associated with the address (all three are uniquely associated with each other). So, what does the node tell itself?

“This message, sending money from 1L7hHWfJL1dd7ZhQFgRv8ke1PTKAHoc9Tq, was sent by the private key that was used to create this address … so the message must have been sent by the person who owns the address and therefore owns the money associated with the address.”

I know this concept can be confusing; it’s hard to “get your head around.” So here’s another way to think about it: The only person who could have sent an encrypted message with transaction instructions for this address, along with the public key that originally created the address, is the person controlling the associated private key — that is, the owner of the address and of the money associated with it. That is what verifies ownership and validates the transaction.
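The wallet’s step (sign the message with the private key, attach the public key) and the node’s two checks described above (does the public key verify the signature, and is it the key the spending address was created from), as an added Go example that is not from the book. It assumes Go’s standard-library P-256 curve in place of Bitcoin’s secp256k1, a plain SHA-256 hex digest as a stand-in for Bitcoin’s real address derivation, and a hypothetical SignedTx message layout.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/hex"
)

// SignedTx is what the wallet broadcasts: transaction text, sender's public key, signature.
type SignedTx struct {
	Message   string
	PubKeyDER []byte // public key, DER-encoded
	Signature []byte // ECDSA signature over SHA-256(Message)
}

// NewKey makes a wallet key pair (assumption: Go's P-256 stands in for Bitcoin's secp256k1).
func NewKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// AddressOf derives the address from the public key. Simplification: hex(SHA-256(key))
// instead of Bitcoin's SHA-256 + RIPEMD-160 + Base58Check.
func AddressOf(pub *ecdsa.PublicKey) string {
	der, _ := x509.MarshalPKIXPublicKey(pub)
	sum := sha256.Sum256(der)
	return hex.EncodeToString(sum[:])
}

// SignTx is the wallet's job: sign the message with the private key and attach the public key.
func SignTx(priv *ecdsa.PrivateKey, msg string) (SignedTx, error) {
	der, _ := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	digest := sha256.Sum256([]byte(msg))
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	return SignedTx{Message: msg, PubKeyDER: der, Signature: sig}, err
}

// VerifyTx is the node's job and needs both checks: the attached public key must be the
// one the spending address was created from, and the signature must verify under it.
func VerifyTx(tx SignedTx, fromAddr string) bool {
	key, err := x509.ParsePKIXPublicKey(tx.PubKeyDER)
	pub, ok := key.(*ecdsa.PublicKey)
	if err != nil || !ok || AddressOf(pub) != fromAddr {
		return false // unparsable key, or not the key behind the spending address
	}
	digest := sha256.Sum256([]byte(tx.Message))
	return ecdsa.VerifyASN1(pub, digest[:], tx.Signature)
}
```

A valid transaction passes; one with an altered amount, one signed by a different key, or one carrying an unparsable public key is rejected.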

WHOEVER OWNS THE PRIVATE KEYS OWNS THE MONEY

Okay, so maybe there are more people with access to the key. But as far as the technology is concerned, it doesn’t matter. Whoever has access to the private key has the cryptographic right to control the money assigned to the blockchain address associated with the key. You may hear the phrase “whoever has the private key owns the money” or “not your private key, not your Bitcoin.” They may not have acquired it legitimately or legally own it, but they can control it nonetheless. So, protect your private keys!

PSEUDONYMOUS CRYPTOCURRENCIES

Some cryptocurrencies are more anonymous than others. Bitcoin, for example, is often termed pseudonymous because it’s only partially anonymous. Imagine that someone subpoenas transaction records from an exchange and discovers that you purchased
