Proving ownership of coins in blockchain
We began to discuss blockchain transactions in the previous article and had a look at how we create blockchain account addresses using public keys. In this article, we will learn more about blockchain account addresses, how they are used to prove ownership of bitcoins and how blockchain transactions work in more detail.
To understand how we use blockchain account addresses to prove ownership, we need to learn how we send and receive bitcoins during transactions.
Here we hit an interesting roadblock. To learn about how an account receives bitcoins, we need to understand how an account sends bitcoins. To learn how an account sends bitcoins, we need to understand how an account receives bitcoins. A classic catch-22 situation.
Nonetheless, we have to start somewhere. So, let’s start by first studying how we send bitcoins to an account and then learn how an account receives bitcoins. After all, one transaction’s output is another transaction’s input and vice versa as we will soon see.
Now, I am going to use the same example I used in my previous article. We have two chunks of bitcoins—one worth 0.75 bitcoin and another worth 0.4. For the time being, let’s assume that these belong to us and that we don’t need to prove ownership. Later, we can see how accounts receive bitcoins and prove ownership.
Blockchain transactions are just sets of inputs and outputs. And they work just like Gold Brokers in our previous article. We input bitcoins and specify to whom we want to output the money. We already have our input, so let’s see how we can output the money to the bookshop.
Before we initiate the transaction, we need to know the bookshop’s blockchain address. We may get this as a QR code which we can decode via an app or as an address string. Either way, this address, as discussed earlier, will be a byte58-encoded string.
To send the money to the bookshop, we need to find their pubkey hash. This is encoded in the address string. Once we decode the address, we will get the pubkey hash along with the address version and checksum.
The Pubkey Script
We can then use the pubkey hash to create the pubkey script. This pubkey script contains the pubkey hash and a few scripts that will be used to validate the transaction. The pubkey hash tells whom we are going to output the transaction to. The scripts in the pubkey script will allow the recipient of this transaction to prove their ownership in the future. We shall learn more about this later.
Since we want to send the money to the bookshop, we will use the bookshop’s pubkey hash to create the pubkey script. Now that we have mentioned who we are sending the money to, it’s time we mention the amount. But remember, we only need to pay them 1 bitcoin but we have input 1.15 bitcoins. We can get back the remaining 0.15 bitcoin by sending it back to our account. So, we can create another pubkey script with our account’s pubkey hash and specify the amount. As you can see, we can actually have many outputs in a single transaction.
Now we have built a transaction. Great, now we can execute the transaction, can’t we? But wait. Remember that we just assumed that the input bitcoins belong to us? To execute this transaction we need to prove that they indeed belong to us.
As we discussed earlier, to be able to spend money, you should have received the money. In other words, in order to input bitcoins into a transaction, we should have received those bitcoins as outputs addressed to our account from some other transactions.
Consider the bookshop that would receive the output of our transaction. They can spend the output bitcoin by using it as an input in a new transaction. Similarly, to be able to perform a transaction, we should have already received bitcoins as output from previous transactions. As we assumed earlier, we have outputs to our account worth 0.75 bitcoin and 0.4 bitcoin. We must have received them from two previous transactions. But how do we prove that these outputs belong to us?
Let’s look at how we output bitcoins to the bookshop in our yet-to-be-complete transaction. Ours had two different outputs each with a pubkey script containing the pubkey hash of the recipient and the amount. The transactions that output our bitcoins to our account should also have similar information. We can prove that we own these bitcoins by referring to these transactions. But how do we refer to these transactions?
Every transaction—its inputs and outputs—can be hashed to produce a unique string. Blockchain hashes transactions twice to ensure better security. That is, a transaction is hashed, and the produced hash is hashed again. This hash serves as the transaction ID (TXID). We can reference a transaction by mentioning the TXID in the input section of a new transaction. However, a transaction can have several outputs. So, we also need to mention the index of the output that belongs to us.
Suppose the bookshop decides to spend the bitcoins we send them. They can refer to their bitcoin by mentioning the ID of the transaction we initiate and the index of their output. Our transaction also sends back the remainder of 0.15 bitcoin to us by using our address. We can use them in a new transaction by referring to the transaction ID and the output index.
Now that we have referenced the transaction and the relevant output, we can prove that the output bitcoins belong to us. The pubkey script in the output of the transaction has a pubkey hash which is the hash of our public key. We have the private key corresponding to that public key. Using the private key, we should be able to prove that the output belongs to us but how do we do that?
Coming to our rescue are digital signatures we learned about earlier. We can prove ownership using the digital signature of transactions. To produce a digital signature of a transaction, we can hash the transaction—its inputs and outputs—twice and then encrypt it with our private key to produce the digital signature.
We then use this digital signature to create the signature script, which we will be attaching to the transaction. The signature script contains both the digital signature of the transaction and our public key.
To verify ownership, we can decrypt the signature using the public key in the signature script. Since only the signature produced using my private key can be decrypted by my public key, this proves that I signed the transaction. I can hash the public key twice and show that it is the same as the pubkey hash in the pubkey script of the outputs of the previous transactions that I use as inputs in the current transaction to show that I own these bitcoins.
Thus, we not only prove that the bitcoins belong to us, but we also prove that I am who I claim to be, and it is I who am sending my money to the bookshop.
We have now seen how we can prove ownership of bitcoins. We have also seen how ownership can be verified superficially. In the next article, let’s look at how transactions are verified in more detail.
[…] discussed proving ownership of bitcoins in the previous article. Let’s discuss how verifying transactions works at length in this […]