Digital signature is used in Bitcoin to provide a proof that you own the private key without having to reveal it (so proves that you are authorized to spend the associated funds). The digital signature, additionally, makes sure that a transaction cannot be modified by anyone after signed.

A digital signature is actually created by the elliptic curve digital signature algorithm (ECDSA).

The digital signature scheme consists in two parts: 1) signing, where you use the private key to produce a digital signature and 2) verifying, where the message and the public key can be used to check the digital signature has been really made with the private key associated to that public key.

For practical uses, the most important elements to be aware of are the following:

  • The digital signature is created using your private key;
  • the digital signature is an offline procedure: no internet connection is needed, you just need your private key (important for example when creating cold wallets);
  • the digital signature + the public key are enough for nodes to verify that the private key associated to that public one, has been made such a signature;
  • the digital signature is normally made using a wallet system. Using an hardware wallet, all the signature process is done internally to the device and the already signed transaction is going out from the device;

the digital signature thus is needed to move funds and interact with the Bitcoin network.

In Bitcoin we have the transaction (like a message) and the private key, which is used as signing key for the message (transaction).

The digital signature can be applied to the whole transaction and so committing all the inputs and outputs (and any other transaction field). Otherwise we can use the digital signature to commit only a subset of the transaction itself.

the SIGHASH is 1 byte that is to be appended to signature and indicates which part of the transaction data is included in the hash signed by private key.

For the above mentioned reasons, in bitcoin, each input can be signed independently. This means that the digital signatures involved need not to belong to the same owners. Same is also for inputs. This makes possible to create particular transactions named coinjoin, in which multiple owners are involved to generate a privacy enhanced transaction scheme.