There is a part of the Bitcoin protocol that I don’t quite understand.
When you make a transaction, and spend the output of a previous transaction for say 1 BTC, you provide a signature using the private key matching the public key (or address) that appears in the output of the previous transaction. My first question here is what exactly is signed?
Second, when the transaction is broadcast, what prevents a malicious peer from taking the input of my transaction with its signature, for 1 BTC, and forging a new transaction using that same input going to their own address? To avoid that, the full transaction (including outputs) would need to be signed, but I couldn't find a document indicating the whole transaction is signed.
From what I gather, you sign both the input and the output of the transaction, meaning that nobody can alter the content of the transaction without invalidating your signature. I also had some problems with this part of the algorithm, and even asked a similar question earlier, but this one deals with more of the low-level bit operations rather than the high-level concept.
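As an added illustration of the answer above (this is example code, not from the original post and not Bitcoin Core's implementation), the following Python builds the legacy pre-segwit SIGHASH_ALL digest: every input's scriptSig is blanked, the scriptSig of the input being signed is replaced with the scriptPubKey of the output it spends, the 4-byte hash type is appended, and the result is double-SHA256'd. That digest, which therefore commits to every input and every output, is what the ECDSA signature is computed over. The private key, previous txid and the 20-byte address hashes are constructed values; the secp256k1 arithmetic is written out by hand so the block runs offline, and its nonce derivation is a simplified stand-in for RFC 6979, not something to reuse in production.

```python
import hashlib

# secp256k1 curve parameters (standard constants)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def _add(a, b):
    """Affine point addition on y^2 = x^3 + 7; None is the point at infinity."""
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def _mul(k, pt):
    r = None
    while k:
        if k & 1: r = _add(r, pt)
        pt = _add(pt, pt)
        k >>= 1
    return r

def sign(priv, digest):
    """Textbook ECDSA. Nonce: simplified hash of key||digest (assumption, not RFC 6979)."""
    z = int.from_bytes(digest, 'big')
    k = int.from_bytes(hashlib.sha256(priv.to_bytes(32, 'big') + digest).digest(), 'big') % N or 1
    r = _mul(k, G)[0] % N
    s = pow(k, -1, N) * (z + r * priv) % N
    return (r, s)

def verify(pub, digest, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N): return False
    z, w = int.from_bytes(digest, 'big'), pow(s, -1, N)
    pt = _add(_mul(z * w % N, G), _mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r

def dsha256(b): return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def varint(n):
    assert n < 0xfd, "single-byte CompactSize is enough for this example"
    return bytes([n])

def serialize(tx):
    """Legacy wire format: version, inputs, outputs, locktime."""
    out = tx['version'].to_bytes(4, 'little') + varint(len(tx['inputs']))
    for i in tx['inputs']:
        out += (i['txid'] + i['vout'].to_bytes(4, 'little')
                + varint(len(i['script'])) + i['script'] + i['sequence'].to_bytes(4, 'little'))
    out += varint(len(tx['outputs']))
    for o in tx['outputs']:
        out += o['value'].to_bytes(8, 'little') + varint(len(o['script'])) + o['script']
    return out + tx['locktime'].to_bytes(4, 'little')

SIGHASH_ALL = 1

def sighash_all(tx, idx, prev_script_pubkey):
    """Digest signed for input `idx`: scriptSigs blanked, spent scriptPubKey substituted."""
    inputs = [dict(i, script=prev_script_pubkey if n == idx else b'')
              for n, i in enumerate(tx['inputs'])]
    preimage = serialize(dict(tx, inputs=inputs)) + SIGHASH_ALL.to_bytes(4, 'little')
    return dsha256(preimage)

def p2pkh(h160):  # OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG
    return b'\x76\xa9\x14' + h160 + b'\x88\xac'

# Constructed values for the example (not real keys or on-chain data).
PRIV = 0x1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD
PUB = _mul(PRIV, G)
PREV_TXID = bytes.fromhex('aa' * 32)
MY_SCRIPT = p2pkh(b'\x01' * 20)          # scriptPubKey of the 1 BTC output being spent

def build_tx(dest_script):
    return {'version': 1,
            'inputs': [{'txid': PREV_TXID, 'vout': 0, 'script': b'', 'sequence': 0xffffffff}],
            'outputs': [{'value': 100_000_000, 'script': dest_script}],  # 1 BTC in satoshi
            'locktime': 0}

def demo():
    """Returns (honest signature verifies, same signature on redirected tx verifies)."""
    tx = build_tx(p2pkh(b'\x11' * 20))
    sig = sign(PRIV, sighash_all(tx, 0, MY_SCRIPT))
    honest_ok = verify(PUB, sighash_all(tx, 0, MY_SCRIPT), sig)
    forged = build_tx(p2pkh(b'\x22' * 20))   # peer keeps my input, swaps in their address
    forged_ok = verify(PUB, sighash_all(forged, 0, MY_SCRIPT), sig)
    return honest_ok, forged_ok

def scriptsig_ignored():
    """The scriptSig itself is not covered, which is why the signature can be placed there."""
    a, b = build_tx(p2pkh(b'\x11' * 20)), build_tx(p2pkh(b'\x11' * 20))
    b['inputs'][0]['script'] = b'\x00' * 10
    return sighash_all(a, 0, MY_SCRIPT) == sighash_all(b, 0, MY_SCRIPT)

if __name__ == '__main__':
    print(demo(), scriptsig_ignored())
```

Because the output script is part of the preimage, the forged transaction hashes to a different digest and the copied signature fails verification. The substitution of the spent scriptPubKey for the scriptSig is also what makes the signature commit to which coin is being spent without including the signature in its own input.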