A bit of cryptography: Bitcoin Cash and digital signatures
To create Bitcoin, Satoshi Nakamoto brought together the foundational building blocks of cryptography and pieced them together in such a way as to produce a secure, scalable, censorship-resistant, and properly incentivized monetary system over time to ensure its permanence. Needless to say, each of these parts is itself an amazing achievement of human ingenuity. Just as the printing press, the airplane, and the Internet were not a creation that came out of nowhere, and had prior building blocks, Bitcoin depends on each of those pillars working properly.
One of them, crucial to the task at hand, is cryptographic signature algorithms. One cannot underestimate the importance they have today, both in ordinary communication with any server and in securing and authenticating military secrets. In the case of the Bitcoin protocol, the purpose sought to be fulfilled by the use of these technologies is the following: to assure the network that, given a message—a transaction authorizing the spending of certain coins—and a signature, only the holder of the public key associated with those coins can have produced the corresponding signature.
This is where we begin to enter the interesting world of mathematics that powers the cryptography we use every day in every Bitcoin Cash transaction. The idea is to employ a pair of asymmetric keys (one private, which the user keeps secret, and one public, which can be known by anyone). The public key is derived from the private one, but the reverse process is impossible. To make it easier to understand, let's take an example:
Suppose Alan wants to send 2 BCH to Barbara. He must make up a transaction—using a coin software—containing the following information, which must be publicly accessible:
The coins he wishes to spend.
The addresses to which he wants the network to associate the new coins.
The corresponding signature, produced by the private key associated with Alan’s address, to that particular transaction.
The miners—who are in charge of securing the network and adding new valid transactions to the blockchain—verify that the data provided by Alan is correct. If so, they will leave a record that those 2 BCH become linked to Barbara’s address, who must repeat the process. In the event that the signature does not match the transaction being attempted or the public key of Alan's addresses, the entire transaction will be declared invalid, and no miner will include it in the blockchain.
What if a malicious user wanted to impersonate Alan to illegitimately spend his coins? In that case, he would have to produce a cryptographically valid signature that the network must accept. Assuming that he does not know Alan's secret key, this task will be simply impossible.
What if, instead, Alan produces a transaction with a valid signature to Barbara, but Carlos alters it so that instead of Barbara he receives the funds? In that case, the signature will not correspond to the information present in the transaction in question.
This simple principle of operation is what makes Bitcoin orders of magnitude more secure than any other money transfer system, such as bank transfers or credit cards. In the Bitcoin model, it is only the user who can make and make payments. Moreover, making a payment does not reveal private information that could be used by an attacker to make illegitimate transactions in the future in your name. If we compare it to the huge industry of credit fraud and credit card number theft scams, we see why Satoshi’s is the most secure and preferable model to use in the future.
Bitcoin has traditionally used the signature system known as ECDSA (Elliptic Curve Digital Signature Algorithm). Compared to other existing systems, it has several notable advantages that make it suitable for use within Bitcoin: the signatures produced are compact, cryptographically secure and verification is fast. In addition, it was implemented in most cryptographic libraries in the Satoshi era, which made it easy to produce new programs for Bitcoin.
However, in recent years, new options with different benefits have been investigated. Without losing the properties mentioned above, are there other algorithms that can be used? The answer is yes, and one of them stands out from the rest: Schnorr signatures.
Schnorr signatures are not a very new concept. In fact, their origin dates back to the 1980s, although the patent only expired in 2008. The principle of operation is similar, as they can be applied on elliptic curves. However, they have interesting properties. Given two pairs of public (p1 and p2) and private (k1 and k2) keys, a public key p3 can be created such that its associated private key k3 is equal to k1 + k2 without having to reveal these two keys. This makes it possible to produce multiple signature algorithms whose transactions are indistinguishable from regular transactions (useful for privacy preservation).
Schnorr signatures are somewhat more compact and can be clustered, so that in the future they could be used extensively to save disk space (i.e., Bitcoin Cash would be even more scalable). Moreover, they can also be used within onchain smart contract schemes. The possibilities are limitless.
Like everything else, this requires ingenuity and brainpower, but also knowing how to produce a system that is enduring over time.