Explaining Bitcoin. What are signature hashes?
The transaction input is signed in 2 steps. The first step is to create a message that will contain the signature of the private key. While the 2nd step is to directly calculate the signature. The message you need to sign is the 32-byte hash (sha256 doubled) from the transaction model, created according to the type of the signature itself.
This article shows each kind of signature and allows you to understand what elements of the transaction system will be enclosed by this signature, and also explains in a short manner the process of generating transaction templates for all signatures. Each type is accompanied by a clear example. All examples of hash preview (transaction template) for transaction without segwit:
This is the most commonly used signature. It signs every input/output, each element is protected from correction. Signature scripts that cannot be signed, are removed from all inputs every time before the signature hash preimage template before the start of a signing.
The output type information is missing from the preview template, however, there is one output with an index that is identical to the signature of the input information. All input type information is included in the preview image, but the sequence field for inputs without signature is missing and does not preclude updating.
In case the input index of the signature matches the missing output index, we encounter exceptions where the pattern hash is 1. If the input data is signed with a hash from the preimage whose value is 1, the outcome is
If the signature’s input index equals an absent output index, an exception is thrown where the template hash returns 1. Signing the input with a preimage hash of 1 will compromise the private key.
Each input or output feature is excluded from the preview model. There is no sequence field for non-signing inputs and is easily updated. Each output is open for correction until any other transactional input blocks outputs with a different kind of signature. To use such a signature in a single variant without other forms that block outputs is unsecure.
Signs each of the outputs but only this one. Every other input is not used. This variant allows anyone to add or delete any input, which allows funds to be added to transactions, but not to configure a funds arrival endpoint.
Is the signature of this input and the output that matches it. Every other input and output is not used. Allows those who wish to configure a number of other inputs and outputs. The signer must close their side of the transaction.
Serves as a signature for only one input, every other input or output is excluded
