Author

Topic: What do you actually sign in P2PKH? (Read 111 times)

member
Activity: 90
Merit: 91
December 05, 2022, 02:11:40 AM
#4
There is scriptSig and scriptPubKey. And when you provide scriptPubKey — you provide your public key and some opcodes are added. But when you provide scriptSig — what do you sign?

I wrote it in 2019 so it's not up-to-date with taproot & co, but maybe it can someway help you, as far as you are starting from the bases:
https://github.com/baro77/btcUnlockingLockingScriptCS

 
legendary
Activity: 3472
Merit: 10611
December 04, 2022, 11:59:33 PM
#3
As you asked: 'What do you sign?' -- you sign the whole transaction.
Technically you sign the modified transaction (eg. replacing all signature scripts with empty except the input being signed that is replaced by a modified spending script) and how much of it you sign depends on the SigHashType that is used in the signature (ALL/SINGLE/NONE+ANYONECANPAY).
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
December 04, 2022, 07:34:28 PM
#2
I generally recommend Learnmeabitcoin as a resource for introduction to more technical topics.

In the article I linked to, they explain how scriptPubKey is the locking script.
There are different possible script types, but the most common nowadays is P2PKH. It can be unlocked by providing the original public key and correct signature (this tuple is the scriptSig).

Code:
OP_DUP OP_HASH160 fde0a08625e327ba400644ad62d5c571d2eec3de OP_EQUALVERIFY OP_CHECKSIG

In short: The 'opcodes added' duplicate the public key, perform the hash160. The result lies on the stack. Then, the script pushes the (hardcoded into the transaction) public key hash to the stack and verify that these 2 public key hashes match. Finally, the signature is matched against the public key.

More information about P2PKH here.

As you asked: 'What do you sign?' -- you sign the whole transaction.
More about transactions here.
jr. member
Activity: 33
Merit: 22
December 04, 2022, 07:04:07 PM
#1
There is scriptSig and scriptPubKey. And when you provide scriptPubKey — you provide your public key and some opcodes are added. But when you provide scriptSig — what do you sign? What data you sign when spending your bitcoins: all data for the locked output or all data in new input? Just a little confused about the principle of the algorithm and how it works technically
Jump to: