Transaction Signing

Signing generates a digital signature using the sender's private key, which mathematically proves they own the assets and authorizes the transaction. This signature is verified by the network using the corresponding public key without exposing the private key.

• Core Mechanism: Applies a signature algorithm (e.g., ECDSA, EdDSA) to the transaction hash.
• Immutability: Any change to the transaction data invalidates the signature, preventing tampering.

A cryptographically signed transaction provides non-repudiation, meaning the signer cannot later deny having authorized it. The signature is uniquely tied to their private key and the specific transaction data.

• Legal & Audit Trail: Creates an unforgeable record of consent, crucial for compliance and dispute resolution.
• Accountability: Essential for DeFi interactions, governance votes, and any on-chain agreement.

The signature seals the exact state of the transaction—including recipient, amount, gas parameters, and nonce. This ensures the transaction executed on-chain matches the user's intent.

• Hash Binding: The signature is computed over the transaction hash, a unique fingerprint of all its data.
• Prevents Malleability: Robust schemes (like EIP-1559's chain ID inclusion) prevent third parties from altering a valid signature to change the transaction.

Advanced signing schemes like EIP-4337 Account Abstraction or EIP-3074 allow fee delegation, where a third party (a relayer or dapp) pays the network gas fees. The user still signs the core transaction action.

• User Experience: Enables gasless transactions, lowering adoption barriers.
• Separation of Concerns: Decouples payment for network resources from the execution of logic.

A single signature can authorize a complex bundle of operations, improving efficiency and user experience. This is central to EIP-4337 UserOperations and wallet session keys.

• Gas Efficiency: Reduces overhead compared to signing each action individually.
• Atomicity: Ensures a set of actions either all succeed or all fail, crucial for complex DeFi strategies.

Different cryptographic schemes offer trade-offs in security, size, and functionality.

• ECDSA (secp256k1): Standard for Bitcoin and Ethereum.
• EdDSA (Ed25519): Used by Solana and StarkNet; often faster and more secure.
• Schnorr Signatures: Enables signature aggregation (MuSig), improving Bitcoin scalability.
• BLS Signatures: Allows efficient aggregation across many validators, used in Ethereum's consensus.

The two primary cryptographic algorithms for digital signatures. ECDSA (Elliptic Curve Digital Signature Algorithm) is used by Bitcoin and Ethereum, where a private key signs a transaction hash to produce a (r, s, v) signature. EdDSA (Edwards-curve Digital Signature Algorithm), specifically Ed25519, is favored by Solana and other modern chains for its performance and deterministic nonce generation, reducing implementation risks.

An Ethereum standard for signing human-readable, structured data instead of opaque hexadecimal strings. It enables off-chain signature verification for:

• Secure login (Sign-In with Ethereum)
• Complex order placement (DEX limit orders)
• Vote delegation (governance) The signature payload includes a type definition and domain separator, making the signer's intent clear and preventing phishing attacks on blind signatures.

A cryptographic technique that distributes a private key across multiple parties or devices. No single entity holds the complete key, requiring collaboration to generate a signature. This enables non-custodial institutional wallets and advanced key management with features like:

• Threshold signatures (e.g., 2-of-3 approval)
• Geographic distribution of key shares
• Elimination of single points of failure Services like Fireblocks and Coinbase use MPC to secure billions in assets.

Physical computing devices that safeguard cryptographic keys and perform signing operations in a hardened, isolated environment. They are the gold standard for institutional custody and high-value validator nodes. Key characteristics include:

• FIPS 140-2 Level 3+ certification for tamper resistance
• Secure key generation that never exposes the private key
• High-performance signing for staking and trading operations Ledgermatic and other enterprise providers integrate HSMs into their infrastructure.

An open protocol for secure communication between decentralized applications (dApps) and wallet apps. It establishes a remote signing session via QR code or deep link, allowing users to approve transactions from their mobile device. This standard:

• Decouples signing from the browsing environment for security
• Supports multi-chain operations through a single session
• Has become the de facto standard for wallet-to-dApp interaction, with widespread adoption across Ethereum, Solana, and Cosmos ecosystems.

Wallets where the account is a smart contract, not an Externally Owned Account (EOA). This enables programmable transaction logic and superior user experience through standards like ERC-4337. Key features powered by contract-based signing include:

• Social recovery and multi-signature schemes
• Gas sponsorship (paying fees in ERC-20 tokens)
• Batch transactions (multiple actions in one signature)
• Session keys for limited, time-bound permissions This moves signing from a simple cryptographic act to a flexible policy engine.

The private key is the ultimate source of authority for signing transactions. Its security is paramount.

• Secure Storage: Keys should be generated and stored in a hardware wallet or secure, air-gapped environment, never in plaintext.
• Key Derivation: Use Hierarchical Deterministic (HD) wallets to derive addresses from a single seed phrase, reducing backup complexity.
• Never Share: A private key should never be entered on a website or shared with any service.

A replay attack occurs when a valid signed transaction is maliciously rebroadcast to the network.

• Nonce Protection: Ethereum and similar chains use a nonce (number used once) that increments with each transaction from an account, preventing replay on the same chain.
• Cross-Chain Replay: A transaction signed for one Ethereum fork (e.g., ETH) could be replayed on another (e.g., ETC). Wallets must include a Chain ID (EIP-155) in the signature to bind it to a specific network.

Signature malleability refers to the ability to alter a valid signature without invalidating it, potentially causing transaction ID confusion.

• ECDSA Quirk: The standard ECDSA algorithm used by Bitcoin and Ethereum can produce a second valid signature for the same data.
• Protocol-Level Fixes: Bitcoin adopted BIP-62 and SegWit to mitigate this. Ethereum's EIP-2 hardened the v value in signatures, making them immutable once submitted.

Miner Extractable Value (MEV) exploits the public mempool where pending transactions are visible.

• Front-Running: A malicious actor sees a profitable pending transaction (e.g., a large DEX trade) and pays a higher gas fee to have their own transaction executed first.
• Protection Strategies: Use private transaction relays (e.g., Flashbots Protect), commit-reveal schemes, or fair sequencing services to reduce exposure.

Signing interfaces can be spoofed, and smart contracts can request dangerous permissions.

• Interface Spoofing: Always verify the domain and requested permissions in your wallet pop-up. A common attack is a signature phishing request that appears legitimate.
• Infinite Approvals: Granting a token allowance to an untrusted contract can lead to total fund drainage. Use revocable, time-limited allowances or permit signatures (EIP-2612) instead.

Multi-signature (multisig) wallets and social recovery systems distribute signing authority to mitigate single points of failure.

• Multisig Wallets: Require m-of-n signatures (e.g., 2-of-3) from designated key holders to execute a transaction, protecting against a single compromised key.
• Social Recovery: Used by smart contract wallets (e.g., Argent, Safe), allowing a user's pre-defined guardians to recover access if a signing device is lost, without ever holding a single private key.

A private key is a secret, cryptographically generated number that acts as the ultimate proof of ownership for a blockchain account. It is used to create a digital signature for any transaction originating from that account. The key principles are:

• Secrecy is paramount: The private key must never be shared.
• Mathematical link: It has a one-way mathematical relationship with a public address.
• Loss is permanent: Losing a private key means irrevocable loss of access to the associated funds and assets.

A digital signature is the cryptographic output generated by signing a transaction hash with a private key. It serves two primary functions:

• Authentication: It proves the transaction was authorized by the holder of the specific private key.
• Integrity: It guarantees that the transaction data has not been altered after being signed.

Common algorithms include ECDSA (used by Bitcoin and Ethereum) and EdDSA (e.g., Ed25519, used by Solana). The signature is verified by the network using the sender's corresponding public key.

The public key is derived from the private key and can be safely shared. It is used to:

• Verify signatures to confirm a transaction's authenticity.
• Generate a public address, which is typically a shortened, hashed version of the public key (e.g., 0x... for Ethereum).

This creates a secure chain: the private key signs, the public key verifies, and the address is the public identifier where assets are received. The system ensures you can prove ownership without revealing your secret.

Signing schemes define the rules and participants required to authorize a transaction. Key types include:

• Single-signature (1/1): The standard model, where one private key provides authorization.
• Multi-signature (M-of-N): Requires signatures from a predefined subset (M) of a group of N authorized keys. Used for treasury wallets and escrow.
• Threshold Signature Schemes (TSS): A more advanced form of multi-party computation that generates a single, aggregated signature from multiple parties, improving privacy and efficiency.

A transaction hash (or transaction ID) is the unique fingerprint of a transaction, generated by cryptographically hashing the signed transaction data. It is critical for signing because:

• Signing target: The private key signs the hash of the transaction, not the raw data.
• Immutable record: Any change to the transaction data creates a completely different hash, invalidating the original signature.
• Public proof: The hash is used to look up and verify the transaction on a block explorer.

A wallet is software or hardware that manages private keys and facilitates transaction signing. Wallets abstract the complexity of cryptography for users. Core functions include:

• Key generation & storage: Securely creating and storing private keys.
• Transaction construction: Building the raw transaction data.
• Signing interface: Providing a secure environment (e.g., a hardware wallet's secure element) to sign transactions without exposing the private key.

Types include hot wallets (software, connected to internet) and cold wallets (hardware or paper, offline).