5. How is the integrity of a transaction ensured within the blockchain environment?
To ensure the integrity of a transaction in the blockchain environment, first-- the participants must be correctly identified in the distributed environment. This is done by getting the right identifying addresses of the participants. Second, it must be verified that the sender is authorized to proceed with the transaction. Finally, we need to check that the content of the transaction has not been manipulated or distorted.
Let’s see how a clever combination of public-key cryptography and hashing is used to ensure the integrity of a transaction.
Public-private Cryptography and Hashing in Action
Using a public key/private key pair, addresses are generated. A random number of 256 bits is generated as a private key, secured by a passphrase. This private key is typically run through an elliptic-curve cryptography
(ECC) algorithm to generate a public key. This is what we refer to as the public-private key pair. Following that, the hashing function is finally applied to the public key in order to obtain the address.
Now that we have the address, a transaction can be initiated. The transaction data is hashed and encrypted. This is our digital signature
. The receiver gets both the original data and a digitally signed, secured hash. The receiver can then decrypt and get the hash of original data to compare it with the received hash ensuring the integrity of the document. To recap:
- Hash of the data fields in the transactions is identified.
- After that, the hash is encrypted by the private key of the participant who initiated the transaction. Essentially, this will be the digital signature authorizing the transaction.
- This hash will then be verified by others on the distributed network. A complex process is followed where the sender’s public key is used to
recompute the hash of transaction
in order to compare it with the hash received through digital signature. A match means the transaction is verified. Other verifications, including but not limited to the verification of account balance, timestamp and nonce are also done for a complete transaction.
