Henning, The signatures do actually guarantee the integrity of the current transaction if sighash all is used (it is used by default). The signature is actually the signature of the hash of the entire transaction except for the other inputs. As you can see in the picture that you linked to, the outputs, the previous output script, the outpoints, and everything else in a transaction except for the other inputs are included in the data hashed. If this is changed by anyone, the hash will no longer match and the signature is no longer valid. This is how transactions are prevented from being modified.
Andrew On 4/12/2016 10:03 AM, Henning Kopp via bitcoin-discuss wrote: > Hi all, > > as far as i understand OP_Checksig is there to check authorization. It > guarantees that the creator of the transaction is authorized to spend > the funds of a previous transaction. > It does not guarantee integrity of the current transaction, since the > signature is over the outputs of the previous transaction > (modulo some gory details > https://en.bitcoin.it/w/images/en/7/70/Bitcoin_OpCheckSig_InDetail.png) > > So there needs to be another mechanism for that. How does that work? > What prevents miners from modifying the txouts of unmined > transactions? > I assume this is also solved by signatures. Is the whole transaction > signed by the public key before relaying? > > All the best > Henning > _______________________________________________ bitcoin-discuss mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-discuss
