Determining the First Byte (Recovery ID) of Signatures on Ethereum
As a developer, it is essential to understand how Ethereum works with signatures and private keys. In this article, we will explore the process of determining the first byte (recovery ID) for signatures in Ethereum.
What is a signature?
A signature on the blockchain is a digital representation of a message that confirms its origin and ownership. It consists of three parts: the signature, the data being signed, and the public key associated with it.
How are signatures created and returned?
When a node (such as a miner) wants to verify the authenticity of a transaction or message, it uses the signature to ensure that the sender has control over the data. The process involves:
- Generating a private key (P)
- Using the private key to create a digital signature using the recipient’s public key (K)
- Storing the digital signature in a database
When someone wants to sign a message, they use their own private key to create a digital signature and send it along with the message. The first byte of this signature is called the
Recovery ID.
Recovery ID Formula
To determine the recovery ID, we need to understand how the algorithm works:
- Start with the sender’s public key (K)
- Add the transaction data (including the message and other relevant information)
- Hash the concatenated data using a cryptographic hash function (e.g., SHA-256 or Keccak-256)
The resulting hash is then used as input to the
Keccak-256 digital signature scheme.
To recover the sender’s private key, we need to follow these steps:
- Extract the first byte of the recovered signature
- Use this byte to calculate a public key (K_prime) using the formula:
K_prime = K * pow(K^(-1), hash digest)
- Combine the extracted private key and the calculated public key to obtain the sender’s private key (P)
Example for presentation
Let’s assume we have a transaction that includes the following data:
Message: « Hello, world! »
Sender’s public key: K = 0x1234567890abcdef
The hash of the concatenated data is generated as follows:
Transaction data: message + sender_data
Digest hash: 0x1234567890abcdef
Using the Keccak-256 digital signature scheme, we obtain a recovered signature with a first octet (the Recovery ID).
Recovering the sender’s private key involves calculating the public key using the formula above.
Conclusion
Determining the first octet (Recovery ID) of signatures on Ethereum is a critical step in verifying message authenticity. By understanding how this process works, developers can build robust cryptographic algorithms and applications that rely on digital signatures. This article provides a comprehensive overview of the Recovery ID formula and its implementation on Ethereum.