2

I have been studing ECDSA signature/verify for a while. By my understanding: the standard ECDSA signature/verify process (which we find on text book) are like below: enter image description here - A sender combines message and its ECC public key (pk), do hash, then using ECC sk (private key) to generate signature; it then append the signature with the message (ECC pk include), send all these to receiver;

  • The receiver do ECDSA verify by using the ECC pk, the message and the signature output true or false;

Question1: for EOS signature verify process looks not likely align to a standard ECDSA signature verify above:

A EOS node may need do two kinds of ECDSA signature verify:

1). Check each Tx signature--from code it use a routine naming as get_signature_keys, indicate it recovers the pk? Then follow up by a routine naming as check_authorization (this does not like a real signature verification, I couldn't understand what a "check authorization" means--by all mean it does not like a signature verify);

2). Check a Block's signature, this routine (name as "verify_signee") however, looks likely a real ECDSA signature verify.

Question2: I know BTC/ETH may adopt quite different method as they are PoW so each miner must do signature verification for each Tx inside a block, but as they have much more time (several minutes) than in EOS, they would be using the standard ECDSA verification?

LeonMSH
  • 121
  • 7

2 Answers2

1

The two questions are somehow related. The answer to your question (2) is no. In BTC/ETH, signature verification is like the first method you mentioned: the verifier extracts the public key from the signature, hash it, and compare the results to the address where the coin comes. If so, the signature is valid.

The main reason why this is used instead of the normal ECDSA verification is that when you verify a signature, you don't have the public key, but only an address that is the hash of the public key. Therefore you cannot verify using the normal procedure. The key recovery procedure is another way to verify signatures without much security loss.

Edit to add: The signature is generated using the normal ECDSA signature algorithm. Recovering the public key from a signature is a well-known trick. For example, it is documented in Section 4.1.6 of SEC 1. See also one of the answers for this question for a better explanation. Note it is possible to recover two candidate public keys from a signature, but as I said, this is not going to result in much security loss. See the discussion here.

Now for the "check authorization" part, a transaction in EOS may require authorization from one or more accounts. So the system verifies that the transaction has been signed by all of the necessary signatures to grant the specified authorization.

Then for the block signature verification, in EOS, there are only 21 producers that can generate blocks. Each producer has a producer key. This is the key for signing blocks and identifying themselves. This key cannot sign transactions on EOS, it can only sign blocks. Therefore it cannot transfer or claim EOS. The producer public key is known by parties who verify blocks, thus the normal ECDSA verification is used.

Changyu Dong
  • 4,198
  • 15
  • 15
0

Thanks so much for help from @Changyu Dong.

Here I'd like to put another chart to show my understand to a EOS based ECDSA Tx sign and verify process.. If anything not right please just correct and further discuss is welcome..

enter image description here

The EOS client signing process refer to a lot from here: https://eosforce.github.io/Documentation/#/zh-cn/eosforce_client_develop_guild?id=_3-%e4%ba%a4%e6%98%93

LeonMSH
  • 121
  • 7