Comment on page

# Digital Signatures

Cryptographic signatures are a key component in popular blockchain cryptocurrencies such as Bitcoin and Ethereum. The cryptographic signature algorithm used by Bitcoin and Ethereum is the Elliptic Curve Digital Signature Algorithm (ECDSA), and this algorithm is used for validating transactions, ownership, and even message signatures. Ethereum crypto wallets, which are essentially Ethereum accounts, are entities on the Ethereum network with an Ether balance that can send transactions on the network. Ethereum accounts are made up of a cryptographic pair of keys: public and private [2], and they can be used to sign transactions or messages and also prove the validity of signatures.

Although the private and public key pairs associated with Ethereum accounts are mainly used for the purpose of signing and validating transactions, they can be used to sign messages, and this ability serves as a core functionality of the Phynite Protocol. When using the ECDSA, private keys can be combined with messages to generate values known as signatures. These signatures, unlike the results of encryption algorithms, are nearly impossible to revert. However, with the combination of the original message, the address of the private key it was signed with (the public key), and the signature, the validity of the signature can be verified.

Signing using ECDSA works as follows [3]:

*ECDSA signatures consist of two numbers (integers): r and s. Ethereum also uses an additional v (recovery identifier) variable. The signature can be notated as {r, s, v}.*

*To create a signature you need the message to sign and the private key (dₐ) to sign it with. The “simplified” signing process looks something like this:*

- 1.
*Calculate a hash (e) from the message to sign.* - 2.
*Generate a secure random value for k.* - 3.
*Calculate point (x₁, y₁) on the elliptic curve by multiplying k with the G constant of the elliptic curve.* - 4.
*Calculate r = x₁ mod n. If r equals zero, go back to step 2.* - 5.
*Calculate s = k⁻¹(e + rdₐ) mod n. If s equals zero, go back to step 2.*

*Because we use a random value for k, the signature we get is different every time. When k is not sufficiently random, or when the value is not secret, it’s possible to calculate the private key using two different signatures (“fault attack”). The random generation methods of k varies depending on wallet providers, and tend to be pseudo-random enough where fault attacks are not common.*

Verification using ECDSA works as follows [3]:

*In order to verify a message, we need the original message, the address of the private key it was signed with, and the signature {r, s, v} itself.*

*The simplified process for recovering the public key looks like this:*

*Calculate the hash (e) for the message to recover.**Calculate point R = (x₁, y₁) on the elliptic curve, where x₁ is r for v = 27, or r + n for v = 28.**Calculate u₁ = -zr⁻¹ mod n and u₂ = sr⁻¹ mod n.**Calculate point Qₐ = (xₐ, yₐ) = u₁ × G + u₂ × R.*

*Qₐ is the point of the public key for the private key that the address was signed with. We can derive an address from this and check if that matches with the provided address. If it does, the signature is valid.*

As most participants in the Web3 space have Ethereum crypto wallets, they can use the private keys associated with their accounts to easily sign the standard legally binding contracts of the Phynite Protocol using the Elliptic Curve Digital Signature Algorithm. Furthermore, the legally binding contracts between guardian companies and their users should be signed by such companies using their own Ethereum Accounts prior to the user signing the legally binding contracts, and this could serve beneficial legally, in terms of security, and validity; the reasoning behind such benefits will be explained in the next section. When the digital signatures are created, they can serve as receipts to the validity of legally binding contracts between the company and the user, and when this signature is uploaded onto a distributed and immutable file system such as IPFS, such signatures become tamper-proof.