Digital Signature Schemes

Consider two users on the network: call them Alice and Bob.

Recall that they both have private and public keys.

Private and public keys in Bitcoin are generated through an algorithm called ECDSA, or Elliptic Curve Digital Signature Algorithm.

We’ll go over that in the next section.

So Alice wants to send over a message to Bob.

How can she do this and make sure no one tampers with her message?

So first we point out that Bob has access to Alice’s public key, since that’s public information that’s used to identify Alice.

We’ll see later on that this is important to help Bob verify that a message coming from Alice was actually sent by Alice.

Before sending out her message, Alice signs her message with her private key.

This generates a unique signature that proves that she created the message as it is.

She then sends her signature along with her original message to Bob.

The idea is that the message is the main payload, and the signature can be used to prove that Alice was the one who created that exact message.

Bob is then able to easily verify that the signature is valid, given Alice’s public key and the original message.

And if the signature is valid, then that means the message wasn’t tampered with.

In order for Alice to have created that signature, she must have had the associated private key.

Also, if her message were tampered with at any point, the signature would no longer be valid.

So this is how digital signature schemes make messages tamper-evident.

A key point is that Bob or anyone else should not be able to guess Alice’s private key, given just her public key.

Otherwise, Bob or anyone else would be able to recreate Alice’s signatures and thus fake her identity.

We’ll see how this is prevented in the next section, where we explain the way we generate public and private key pairs.

DSS Key Definitions and Takeaways