In simple terms...how does ledger transmit data securely?

[DrBitcoin]

So, I understand that my bitcoin is stored on the blockchain, not on the ledger.
I understand that the ledger holds the private keys in its secure element that claims ownership to those coins.

But what I can’t seem to understand is how the ledger transmits data to the blockchain saying “I’m sending 2 bitcoins to a public key.” Without accessing those private keys. Like it only transmits signed transaction data?? What is that.

Sorry, I barely even know how to ask the question but I’m sure someone knows what I’m trying to ask and can explain in in a really simple way!

Thanks. I would love to understand this concept and stop thinking about it.

[1715035086]

1715035086

[1715035086]

1715035086

[HCP]

The "data" (in this case, the details of the transaction) is secured once the transaction has been "signed". After it has been signed, any modification to the transaction details will cause signature validation to fail and the transaction will be rejected by any node you attempt to pass it to. Likewise, if the data is NOT signed, nodes will reject it as "unsigned". You can think of the "signature" as like a tamper proof seal wrapped about the transaction details. Nodes are configured to reject transactions if the seal is "damaged" or "missing".

So, what happens is that you first create an "unsigned" transaction in the software that you are using in conjunction with your ledger (ie. Ledger Live or Electrum or MEW etc)... Note that this "unsigned" transaction is built using the public keys that the Ledger device will export to the software so it can determine which UTXOs you are able to spend (ie. which public keys/addresses are "yours"). The private keys are safely stored on the Ledger device in the secure element and are never exposed.

Once you're ready to send, the "unsigned" transaction is first passed to the Ledger device for signing. This is why it is very important to double check the info that the Ledger device displays, with the info being displayed in your wallet software... if the info matches and (more importantly) is what you were actually trying to achieve (ie. send 2 bitcoins to public key X), you "confirm it" by pressing the "yes" button on the device and then the device will go ahead and sign the transaction using the appropriate private keys inside the secure element, and then it will pass the "signed" transaction back to your wallet software.

At this point, the transaction can not be modified in any way... so, you're free to broadcast this "signed" transaction to the network, safe in the knowledge that no-one can modify it because of the "tamper proof seal"

[DrBitcoin]

The "data" (in this case, the details of the transaction) is secured once the transaction has been "signed". After it has been signed, any modification to the transaction details will cause signature validation to fail and the transaction will be rejected by any node you attempt to pass it to. Likewise, if the data is NOT signed, nodes will reject it as "unsigned". You can think of the "signature" as like a tamper proof seal wrapped about the transaction details. Nodes are configured to reject transactions if the seal is "damaged" or "missing".

So, what happens is that you first create an "unsigned" transaction in the software that you are using in conjunction with your ledger (ie. Ledger Live or Electrum or MEW etc)... Note that this "unsigned" transaction is built using the public keys that the Ledger device will export to the software so it can determine which UTXOs you are able to spend (ie. which public keys/addresses are "yours"). The private keys are safely stored on the Ledger device in the secure element and are never exposed.

Once you're ready to send, the "unsigned" transaction is first passed to the Ledger device for signing. This is why it is very important to double check the info that the Ledger device displays, with the info being displayed in your wallet software... if the info matches and (more importantly) is what you were actually trying to achieve (ie. send 2 bitcoins to public key X), you "confirm it" by pressing the "yes" button on the device and then the device will go ahead and sign the transaction using the appropriate private keys inside the secure element, and then it will pass the "signed" transaction back to your wallet software.

At this point, the transaction can not be modified in any way... so, you're free to broadcast this "signed" transaction to the network, safe in the knowledge that no-one can modify it because of the "tamper proof seal"

Thanks for your response. Perhaps I’m...how you say...not smart, but I still don’t get it. I sort of do...but not really.

[HCP]

But what I can’t seem to understand is how the ledger transmits data to the blockchain saying “I’m sending 2 bitcoins to a public key.” Without accessing those private keys. Like it only transmits signed transaction data?? What is that.

Ok... so going back to your original post, it seems like what you're actually thinking is "how the Ledger can "sign" a transaction, without accessing the private keys?".

The short answer, is that it can't... it absolutely MUST access the private keys. However... the trick to the Ledger is that it has the "secure element". This is basically a mysterious "black box" containing all your private keys... the black box can see/access your keys... but no one else (including you) can. So, the idea is that you put in an unsigned transaction... the black box does "magic black box stuff"™ and a signed transaction comes back out.

You can't see what is in the box, you can't access what is in the box... the box will only accept an unsigned transaction^[1] as input... and will only give a signed transaction (or error) as output. It has a bunch of inbuilt code and functions and magic smoke that allow it to achieve this wizardry... but due to Non-Disclosure Agreements and lot's of secrecy... the only people that actually know exactly how the internals of this black box work are the manufacturers.

Hopefully that helps...


[1] - In case any pedants are here... yes, I know it will also accept "messages" for signing.

[bob123]

Is your question how the transactions are being sent via internet without risks ?
Or is your question how the nano s (the hardware wallet you have) creates the transactions without leaking your private keys ?


Regarding the first:

If you have received 1 BTC to an address from the nano s, this 1 BTC is 'assigned' to a public key (here called public key A).
In order to spend this BTC, you need to create a transaction which says 'send 1 BTC from public key A to public key B'.

Since anyone can create such a transaction (saying 'send 1 BTC from public key A ... '), you need to sign the transaction.
Signing is done with the private key which corresponds to the public key. So in this case you would need to sign the transaction with private key A.

Signing is a cryptographic process, which ensures that noone can change information inside of the transaction without the signature being invalid (signatures depend on the content they sign).
Since transactions are only valid if the signature is valid, you can now send the signed transaction via the internet without any risks of tampering etc..


The only sensitive information here is the private key. Anything else can be seen / accessed by everyone without any risks.



Regarding the second:
The nano s has a secure element. This is not simply a memory chip, but a micro chip which can sign transaction with the private keys it has stored.
If you want to send BTC, your computer creates a transaction (non-sensitive information) and sends it to the nano s.

Then the nano s reads the transaction and displays the information for you to approve.
Once you click the 'accept' button, the secure element signs the transaction and sends it back to the computer (no sensitive information).

The sensitive information (private keys only) are stored inside of the secure element. They never touch your computer or anything outside of the secure element.



If this still didn't answer your question, feel free to describe your concerns more precisely.

[DrBitcoin]

But what I can’t seem to understand is how the ledger transmits data to the blockchain saying “I’m sending 2 bitcoins to a public key.” Without accessing those private keys. Like it only transmits signed transaction data?? What is that.

Ok... so going back to your original post, it seems like what you're actually thinking is "how the Ledger can "sign" a transaction, without accessing the private keys?".

The short answer, is that it can't... it absolutely MUST access the private keys. However... the trick to the Ledger is that it has the "secure element". This is basically a mysterious "black box" containing all your private keys... the black box can see/access your keys... but no one else (including you) can. So, the idea is that you put in an unsigned transaction... the black box does "magic black box stuff"™ and a signed transaction comes back out.

You can't see what is in the box, you can't access what is in the box... the box will only accept an unsigned transaction^[1] as input... and will only give a signed transaction (or error) as output. It has a bunch of inbuilt code and functions and magic smoke that allow it to achieve this wizardry... but due to Non-Disclosure Agreements and lot's of secrecy... the only people that actually know exactly how the internals of this black box work are the manufacturers.

Hopefully that helps...


[1] - In case any pedants are here... yes, I know it will also accept "messages" for signing.

This helped TREMENDOUSLY. The only thing I don’t understand is how that magic box can’t make shit up? Like sign a transaction suggesting it has the private keys to 3 bitcoins instead of 2. That’s what I don’t get. 

[HCP]

Because that information (what public keys contain what) is contained in the blockchain... the blockchain is a record of all bitcoin transactions. It records all movements of bitcoin from public key to public key. From this public record, we derive what is known as the "UTXO set"... Unspent Transaction Outputs. This is the current record of what public keys owns what bitcoins.

So, you can certainly try and sign a transaction claiming you own 3 bitcoins instead of 2... but the full nodes that accept and validate transactions will reject this transaction as invalid, as they won't be able to find that extra bitcoin that doesn't exist in the UTXO set.

This is what full nodes do... they validate transactions and blocks. They start at the "genesis block", the very first block in the blockchain and then they validate each and every block from there right up to the blocks/transactions being made today (this is why the blockchain data is over 250gigs and growing)... each block builds on the previous one, creating the immutable chain. Any attempt to modify any of it will render the whole chain after the modification as invalid... and then blocks/transactions will simply be rejected.