[slides](https://docs.google.com/presentation/d/19K9nVjuSOCrZGM6lmFeEEarTm2xZwDSiZEIzf-Ywr5o/edit?usp=sharing)

[python-ecdsa docs](https://github.com/warner/python-ecdsa)

# Signing our First Message with ECDSA

In [1]:
from ecdsa import SigningKey, SECP256k1

private_key = SigningKey.generate(curve=SECP256k1)
public_key = private_key.get_verifying_key()

message = b"Don't touch that XRP"
signature = private_key.sign(message)

In [5]:
print(private_key.sign(b"one"))

b'\xb7\xc5*\x8d\x96\x17\xcd Y\x9e\xdd\x90\xde\x0fg\x8c\xf1\x1f\x7fa\xf6;_f\xf8\xe8\xa4\xb9\xd7\xf6E\x15\x8c\xf0\xbc~\x88\xfbR\x95\x0b*C\x07\x07\x9ag\xdc\xf4\xef\x12\xcbR\xde\x1e\xb7\xf8\xfc*C\xd9}L\xa5'


In [6]:
print(private_key.sign(b"two"))

b'\x93=\x15\\\x955rJS\xde\x12\xb3Nj\x10\x0f\xd8\xddb\xc0\xf7\xb4\xee6\xbc\x9e}%]5A\\[\x91\xdb5\xa1\x9a\x8e\x1d\xd3\xfa\x83[\xf9\x83\xd18\\\x85\xeaR\x0b\x14\xa8\xe9\xf1\x854ip+)\xfe'


In [11]:
import hashlib

print(hashlib.sha256(b'hi').hexdigest())

print(hashlib.sha256(b'hi').hexdigest())

print(hashlib.sha256(b'hi'*10000000).hexdigest())



8f434346648f6b96df89dda901c5176b10a6d83961dd3c1ac88b59b2dc327aa4
8f434346648f6b96df89dda901c5176b10a6d83961dd3c1ac88b59b2dc327aa4
1aa9c8058cbb12d944b913c02857c20c7081980c795f21446b63755ef731d162


input ---(hash)---> output

input ---(digital signature)---> output
* private & public keys

In [2]:
public_key.verify(signature, message)

True

In [3]:
public_key.verify(signature, b"Nice XRP")

BadSignatureError: 

# Defining ECDSACoin

* A coin is just a list of transfers, just like with PNGCoin. 
    * Where transfers were photographs of signatures in PNGCoin, they are ECDSA digital signatures in ECDSACoin
* The `public_key` in the last transfer is who owns the coin
* To spend the coin append a new transfer. Use the public key of the person you are sending to, and sign it using your private key.

In [None]:
class Transfer:
    
    def __init__(self, signature, public_key):
        self.signature = signature
        self.public_key = public_key

class ECDSACoin:
    
    def __init__(self, transfers):
        self.transfers = transfers

In [None]:
# The usual suspects ... 
# SECP256k1 is a detail about the "magical multiplication" used under the covers

bank_private_key = SigningKey.generate(curve=SECP256k1)
bob_private_key = SigningKey.generate(curve=SECP256k1)
alice_private_key = SigningKey.generate(curve=SECP256k1)

bank_public_key = bank_private_key.get_verifying_key()
bob_public_key = bob_private_key.get_verifying_key()
alice_public_key = alice_private_key.get_verifying_key()

In [None]:
from utils import serialize

def issue(public_key):
    # Create a message specifying who the coin is being issued to
    message = serialize(public_key)
    
    # Create the first transfer, signing with the banks private key
    signature = bank_private_key.sign(message)
    transfer = Transfer(
        signature=signature,
        public_key=public_key,
    )
    
    # Create and return the coin with just the issuing transfer
    coin = ECDSACoin(transfers=[transfer])
    return coin

# Validating the First Transfer

In [None]:
def validate(coin):
    transfer = coin.transfers[0]
    message = serialize(transfer.public_key)
    assert bank_public_key.verify(transfer.signature, message)

In [None]:
# give alice a ECDSACoin
alice_coin = issue(alice_public_key)

validate(alice_coin)

In [None]:
# Example where the signature is done using wrong private key

bad_message = serialize(alice_public_key)
bad_transfer = Transfer(
    signature=bob_private_key.sign(bad_message),  # WRONG SIGNING KEY
    public_key=alice_public_key,
)
bad_coin = ECDSACoin(transfers=[bad_transfer])

In [None]:
from ecdsa import BadSignatureError

try:
    validate(bad_coin)
except BadSignatureError:
    print("Bad signature detected")

# Validating Subsequent Transfers

In [None]:
def transfer_message(previous_signature, public_key):
    return serialize({
        "previous_signature": previous_signature, 
        "next_owner_public_key": public_key,
    })

def validate(coin):
    # Check the first transfer
    transfer = coin.transfers[0]
    message = serialize(transfer.public_key)
    assert bank_public_key.verify(transfer.signature, message)
    
    # Check the subsequent transfers
    previous_transfer = coin.transfers[0]
    for transfer in coin.transfers[1:]:
        # Check previous owner signed this transfer using their private key
        assert previous_transfer.public_key.verify(
            transfer.signature,
            transfer_message(previous_transfer.signature, transfer.public_key),
        )
        previous_transfer = transfer

In [None]:
def get_owner(coin):
    database = {
        serialize(bob_public_key): "Bob",
        serialize(alice_public_key): "Alice",
        serialize(bank_public_key): "Bank",
    }
    public_key = serialize(coin.transfers[-1].public_key)
    return database[public_key]

In [None]:
alice_coin = issue(alice_public_key)

print("This coin is owned by", get_owner(alice_coin))

m1 = transfer_message(alice_coin.transfers[0].signature, bob_public_key)
alice_to_bob = Transfer(
    signature=alice_private_key.sign(m1),
    public_key=bob_public_key,
)
alice_coin.transfers.append(alice_to_bob)
validate(alice_coin)

print("This coin is owned by", get_owner(alice_coin))

m2 = transfer_message(alice_coin.transfers[1].signature, bank_public_key)
bob_to_bank = Transfer(
    signature=bob_private_key.sign(m2),
    public_key=bank_public_key,
)
alice_coin.transfers.append(bob_to_bank)
validate(alice_coin)

print("This coin is owned by", get_owner(alice_coin))

In [None]:
# No errors means the signature was good
validate(alice_coin)

In [None]:
alice_coin = issue(alice_public_key)

m = transfer_message(alice_coin.transfers[0].signature, bob_public_key)
alice_to_bob_forged = Transfer(
    signature=bob_private_key.sign(m),
    public_key=bob_public_key,
)

alice_coin.transfers.append(alice_to_bob_forged)

In [None]:
try:
    # Should raise a BadSignatureError
    validate(alice_coin)
except BadSignatureError:
    print("Bad signature detected")

# Serialization

In [None]:
# The code from last time still works (utils.py)
from utils import to_disk, from_disk

In [None]:
import os

filename = "alices.ecdsacoin"
 
print("Alice's coinfile exists on disk?", os.path.isfile(filename))

In [None]:
alice_coin = issue(alice_public_key)

to_disk(alice_coin, filename)

In [None]:
print("Alice's coinfile exists on disk?", os.path.isfile(filename))

# The Finished Product

[ecdsacoin.py](ecdsacoin.py)

In [None]:
import ecdsacoin

coin = ecdsacoin.issue(alice_public_key)
coin.validate()

message = ecdsacoin.transfer_message(coin.transfers[0].signature, bob_public_key)
alice_to_bob = Transfer(
    signature=alice_private_key.sign(message),
    public_key=bob_public_key,
)

coin.transfers.append(alice_to_bob)
coin.validate()