Digital signatures are used to authorize bitcoin transactions and are created from private keys and transaction data.

Bitcoin exists as transaction records on a public financial ledger, called a blockchain. To have your transaction added to that ledger you must mathematically prove that you are the rightful owner of the bitcoin – something which can only be done using private keys.

Control of private keys is effectively how you own bitcoin, and therefore keeping them safe, secret, and secure is paramount. The way you authorize a transaction on a public blockchain, while keeping your private keys private is with a digital signature.

A digital signature is a cryptographic code that can only be created using the sender’s private keys, but which can be validated by anyone on the Bitcoin network using the public key. Digital signatures are kinda like signing a paper check (or “cheque” for the non-Americans):

1. Add the transaction information: When you write a check, you must add the recipient’s name, the date, and the amount for the payment.
2. Sign the check: Once the transaction information is added, you write your personal signature, which is unique to you.
3. Payment can be made: Once the check is signed with valid information, its validity can be verified and the transaction can be made.

The key difference is that with digital signatures the private key itself is never revealed to anyone else.

Digital signatures can’t be faked because they’re generated using a cryptographic process that requires the unique private key of the signer that matches the public key. Without access to the private key, it’s computationally impossible for anyone to create a matching digital signature, meaning no one can spend bitcoin unless they control the private keys.

When taking self-custody of your bitcoin, you control the private keys, and your wallet software uses them to create digital signatures for your transactions. If you use a custodial wallet app, like Strike, the app will manage the private keys and create signatures on your behalf.

How does a digital signature work?

Digital signatures are handled by your wallet’s software. When you want to make a transaction, your wallet will construct the transaction by selecting the correct private key to generate the signature. Here’s the basics of how it works:

1. Transaction creation: A user initiates a transaction by specifying an amount of Bitcoin to send, the recipient's Bitcoin address, and a desired fee rate. The Bitcoin wallet software then creates a transaction with the necessary inputs and outputs.
2. Transaction hashing: The transaction data is converted into a unique digital fingerprint called a hash. This hash is a unique, fixed-length sequence of numbers and letters that acts as a summary representation of the entire transaction.
3. Signature generation: The sender's private key is used to encrypt the transaction hash, creating a digital signature. This signature is mathematically linked to the private key, proving ownership.
4. Signature attachment: The digital signature is added to the transaction, which can then be broadcast to the Bitcoin network.
5. Signature verification: Miners and nodes on the Bitcoin network can verify the signature’s validity using the sender's public key.

Digital signatures ensure the authenticity and integrity of a transaction by leveraging the unique relationship between a private and public key. This cryptographic process guarantees that only the holder of the private key could have created the signature, making it a secure and reliable way of authenticating ownership without revealing any sensitive information.