Frustration
How is it that all of the JS APIs we have around do not have an easy way to validate a signature?
Building My Own System For Validating Signatures
First, if you look at the integer set that Bitcoin uses, it consists of 2256. This is good for users, but if you want to just try to understand things in a concrete manner. It would be nice to work in something smaller:
Let's take this set: {-2,-1,0,1,2}.
How do we add? We add normally and then we add or subtract 5 until we get a number back in the original set. Same rule with subtraction or multiplication. Division is the same idea as multiplication but backwards. If we want to do a / b, we need to figure out an x, such that x * b = 1 in our current system.
| + | 2 | -2 |
|---|---|---|
| 2 | -1 | 0 |
| -2 | 0 | -1 |
Addition for 1, 0, and -1 pairs work like you would otherwise expect.
| * | 2 | -2 |
|---|---|---|
| 2 | -1 | 1 |
| -2 | 1 | -1 |
Multiplication by -1, 0, and 1 do what you would otherwise expect.
So, now we come to the elliptic curve:
y2 = x3 - x - 1
The set only has five numbers so we can plugin x for each value
| x | y | y2 |
|---|---|---|
| -2 | -2 | |
| -1 | 2 or -2 | -1 |
| 0 | 2 or -2 | -1 |
| 1 | 2 or -2 | -1 |
| 2 | 0 | 0 |
For getting y from y2, you must find the square root (but for this system), so now you are trying to find a y so that y2 is -2, -1, and 0. It turns out that y2, is never positive on this curve. Now in the case of y2=-2, there is no solution. Check the multiplication table above. There is no square root for -2.
So now we have a set of points that satisfy our equation. {(-1,-2), (-1,2), (0,-2), (0,2), (1,-2), (1,2), (2,0)}.
(2,0) is our O point. The reason will be clear later.
Now one of these points will have to be our G. When you draw the dots on graph paper, you get three dots on y = 2, and three dots on y = -2 and another one on the x axis at 2.
Yet Another System of Adding and Multiplying
Notice that every point except (2,0) has a reflecting point in the x-axis. Any point can be added to any other provided they don't land on the same vertical. Addition is done by taking the slope between the two of them finding the other point that is also on that line and then the reflection of that point in the x-axis is the sum of the two original points.
Sometimes we can multiply a point by 2, but not always.
Take (-1,2)+(1,-2) Well the slope here is 1/2. So, now these points define a sloped line: (-1+2a,2+a): {.., (-1,2), (1,-2), (-2, -1), (0, 2), ...}. The point (0,2) is on the curve. We now must reflect it along the x-axis. It's reflection is (0,-2), so (-1,2)+(1,-2)=(0,-2). And so that's how that works.
If you add a point to itself, you must calculate the slope by pretending it's real again. Use calculus and derive the derivative:
y^2^ = x^3^ - x - 1
2ydy = 3x^2^dx - dx
dy/dx = (3x^2 - 1 )/(2y)
Example:
For (0,2) :
dy/dx = (3x^2 - 1 )/(2y)
dy/dx = (3*0^2 - 1 )/(2*2)
dy/dx = -1/(4)
Remember 4 = -1 in this system.
dy/dx = -1/(-1)
Now divide by -1, is find a number a so that -1a = 1. Trying different numbers, gives you a = -1.
dy/dx = -1*-1 = 1
The slope is 1.
Now, { (a, 2 + a) | a integer }
{(-2, 0), (-1, 1), (0, 2), (1, -2), (2, -1)}
So the other number is (1,-2). Now we take the reflection of it. Thus 2(0,2) is (1,2).
| Q | slope | 2Q |
|---|---|---|
| (-1,2) | 3 | (-1,2) |
| (-1,-2) | 2 | (1,-2) |
| (0,2) | 1 | (1,2) |
| (0,-2) | -1 | (1,-2) |
| (1,2) | 3 | (2,0) |
| (1,-2) | 2 | (2,0) |
| (2,0) | undefined - can't divide by zero | undefined |
2(1,-2) = (2,0) and so does 2(1,2)!
They consider the point (2,0) to be a Zero, so now you can add with it as if it is a real and we have an identity so when adding nothing happens.
This is a weird world where points that are considered non-zero can add up to zero.
Later, I'll encrypt something with this system using a private key. It wont be terribly secure.
Enough mental exercise, time to get on the bike.