Back to glossary

Signature

Table of Contents

What is signature

In decentralized systems, a signature is a cryptographic verification of the authenticity and integrity of activity on a blockchain network, including digital messages, transactions, and smart contract interactions. It ensures that transactions are authorized by the holder of a private key without revealing the key itself, enabling trustless communication on decentralized networks.

How a signature works 

A digital signature is generated when a message or transaction is signed with their private key and can be verified by anyone using the corresponding public key to confirm:

  • The message originated from the rightful owner.
  • The data has not been altered.

In Ethereum, signatures consist of three components: r, s, and v, derived from the Elliptic Curve Digital Signature Algorithm (ECDSA). 

The r value represents a point on the elliptic curve related to the message hash, while s is derived from the private key and ensures the signature’s uniqueness. The v value helps the network determine which of the possible public keys corresponds to the private key that generated the signature, allowing for address recovery during verification.

Functions of a signature

  • Authentication: Verifies the ownership of an account without exposing the private key.
  • Integrity: Ensures the signed data is unaltered.
  • Non-repudiation: Once a signature is attached to a transaction, the signer cannot deny having signed it. This property is essential for trustless interactions on blockchains, ensuring that all actions can be attributed to specific users.
  • Authorization: In smart contract interactions, signatures authorize specific actions. For example, token transfers, permission grants, or contract upgrades require signatures to ensure that only the holder of the private key can perform them.

Types of signatures in blockchain

Different types of digital signatures are used across blockchain networks based on the network’s underlying cryptographic algorithms:

  • ECDSA: The standard digital signature algorithm in Ethereum and most EVM-compatible blockchains. ECDSA provides a balance between security and computational efficiency, making it suitable for decentralized networks. It is used in Ethereum, Polygon, Avalanche, Arbitrum, and Optimism.
  • Edwards-curve Digital Signature Algorithm (EdDSA): Commonly used in zero-knowledge rollups (ZK-rollups) and privacy-focused protocols, EdDSA offers faster signature generation and verification than ECDSA. It also provides deterministic signatures, meaning the same message and key always produce the same signature. Chains and protocols using EdDSA include ZKsync, Starknet, and Aleph Zero.
  • Boneh–Lynn–Shacham (BLS)  signatures: This type of signature is used in scenarios where signature aggregation is required. In Ethereum, for example, BLS signatures enable multiple validators to sign the same message and have their signatures be aggregated into a single compact signature. This reduces on-chain storage requirements and verification costs. Other protocols using BLS signatures include Chia Network, Celo (for validator consensus mechanisms), and Dfinity’s Internet Computer (for threshold cryptography and decentralized consensus).

Signature use in smart contracts

In blockchains that support smart contracts, including Ethereum and EVM-based blockchains, signatures enable various advanced functionalities:

  • Meta-transactions: Allow users to sign transactions off-chain, which relayers then submit on-chain. This means users can interact with decentralized applications (dApps) without holding the native token (like ETH) for gas fees. The dApp or a third party pays the gas cost, enhancing the user experience.
  • Permit functions (EIP-2612): Introduced in EIP-2612, permit allows users to approve token transfers through a signed message without sending an on-chain transaction. This approach eliminates the need for a separate approval transaction, saving gas costs and simplifying user interactions.
  • Off-chain message verification: Enables smart contracts to confirm off-chain agreements by verifying user signatures on-chain using ecrecover.
  • Role-based access control: Allows only authorized users to execute contract functions based on signature verification.

Signature verification process

The verification process involves confirming that a given signature corresponds to a specific message and public key. In Ethereum, the ecrecover function is commonly used to recover a signer’s address from the signature. The recovered address is then compared to the expected address to verify authenticity.

For example, given a message hash and a signature, a smart contract can execute:

address signer = ecrecover(messageHash, v, r, s);
if(signer != expectedSigner) revert InvalidSigner();

If the recovered address matches the expected signer, the signature is considered valid, ensuring only authorized users can execute contract functions.

Applications of signatures

  • Decentralized exchanges (DEXs): Signatures authorize trades without the need for on-chain approvals. Users sign orders off-chain, and only successful trades are settled on-chain, reducing gas costs.
  • Multi-signature wallets: Require multiple valid signatures to authorize transactions, enhancing security for managing large amounts of funds.
  • Decentralized identity (DID): Signatures play a role in proving ownership of digital identities. Users can sign cryptographic proofs to verify that they control specific accounts without revealing sensitive information.

Security considerations

  • Replay attacks: A replay attack occurs when a valid signature is maliciously reused to execute the same transaction multiple times. This can happen if a blockchain does not distinguish between unique transactions. To mitigate this, blockchains include unique nonces in signed data, ensuring that a signature is valid only for a specific transaction and cannot be replayed on the same or a different network.
  • Signature malleability refers to the ability to alter a signature without invalidating it. This can potentially lead to transaction replay or double-spending attacks. Ethereum enforces strict signature formats to prevent these modifications, ensuring that only a single valid signature representation exists for a given message.
  • Private key safety: The security of a digital signature depends entirely on the secrecy of the private key. If an attacker gains access to a private key, they can generate valid signatures and perform unauthorized transactions.

Conclusion

A signature is a fundamental component of blockchain infrastructure, enabling secure, trustless interactions between users, smart contracts, and dApps. It ensures transactions and messages are authentic, untampered, and authorized by the holder of a private key. It powers essential blockchain functionalities like meta-transactions, token permits, and validator participation in Ethereum, ensuring secure and efficient interactions.

Related Terms

No items found.
Cyfrin Updraft
Learn smart contract development, how to write secure smart contracts, and scalable protocols from world's leading experts.
Join Cyfrin Updraft for free
Paper plane icon
Weekly newsletter
Carefully crafted, short smart contract security tips and news freshly delivered every week.

Read about our

privacy policy
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Share this blog post