4

I am new to bitcoin and I am trying to understand Pay-to-Public-Key-Hash (P2PKH) from the book: Mastering Bitcoin: Unlocking Digital Cryptocurrencies (p. 127). I understand that digital keys (which are derived from private-keys) are not actually stored in the network, but are instead stored by users in a wallet.

For example: Alice wants to send Bob 1-BTC:

---------------------------------------------------------
| Sender:    Hash(alice-public-key)                     |
| Receiver:  Hash(bob-public-key)                       |
| Amount:    1-BTC                                      |
| Signature: Hash(Encrypt_{alice-private-key}(Message)) |
---------------------------------------------------------

Question:

  • So how can we verify this transaction is valid without having the public-key?
  • If we attach the public-key with the message then why spending time finding hash of public-key in the first place?
  • Are we storing the public keys in some centralized database?
  • If the recipient provides the public-key and verifies the transaction is valid how can others validate that was a valid transaction?
smatthewenglish
  • 1,133
  • 10
  • 23
Node.JS
  • 143
  • 3

1 Answers1

2

So how we can verify this transaction is valid without having the public-key?

The signature includes the public key corresponding to the private key that made the signature.

If we attach the public-key with the message then why spending time finding hash of public-key in the first place?

It's not clear what you mean by "the public key". Whose public key are you talking about? Bob's public key isn't in the message.

Are we storing the public keys in some centralized database?

When a public key is submitted with a signature, the public key is in the transaction. The transaction is included in a block, and that block is part of the blockchain forever.

If the recipient provides the public-key and verifies the transaction is valid how others can validate that was a valid transaction?

It's not clear what you mean by "that". To validate a transaction, you just have to make sure it's entitled to claim the funds it tries to claim. You don't particularly care what it does with those funds, just that it has the right to decide what to do with them. So you don't need to know much about the recipients -- only enough to identify them when they come to claim their funds. The hash of their public key does that.

David Schwartz
  • 51,308
  • 6
  • 106
  • 177
  • "The signature includes the public key ..." I understand, it is the of a tx-in? That is, `` is composed of signature, "01" (OP_SIGHASHALL) and then the pubkey. – pebwindkraft Nov 12 '16 at 19:19