Satoshi Signatures
This mini app produces "valid" Satoshi signatures. More specifically, it produces a message hash and a signature that verify when checked against the public key for the genesis Bitcoin address.
Of course this isn't real: I do not possess the private key behind the Bitcoin genesis address! This app constructs a valid hash and associated ECDSA signature with simple math (see details here).
We cannot construct a valid **message** to verify against because it'd require us to find a valid pre-image for that constructed hash. And that would mean breaking sha256.
The lesson here: ECDSA is constructed with a hash function acting as a Random Oracle. If this assumption is violated (in this case, I'm choosing the hash so it's definitely not random!) ECDSA breaks catastrophically; existential forgery attacks become trivial
This is an easy mistake to make when verifying signature. When verifying an ECDSA signature, a verifier **must** compute the message hash themselves. Otherwise they're not verifying anything of value,as this mini-demo demonstrates. I'm clearly not Satoshi!
- Design:
- In-Browser
- Coded with:
- Devtools
- Architecture made of:
- HTML, CSS & JavaScript
